Abstract

In this paper we extend the higher-order critical pair criterion, as described in [9], to the LF framework
[10], a calculus with dependent types. The notion of dependence relation is introduced, and used to restrict
rewriting to those cases where well-typedness is preserved.
1. Historical background

In the study of Term Rewriting Systems (TRS), the two key properties that we are mostly interested in
are termination and confluence, which imply existence and uniqueness, respectively, of normal forms. In
the presence of these conditions, the test for convertibility of two terms, undecidable in the general case, reduces
to a simple test for equality of their respective normal forms.

One of the central results in this study is certainly the Critical Pair Lemma for first-order TRSes [6], which
provides a computational method to check for local confluence in a TRS, together with a way to extend any
TRS to an equivalent locally confluent one. This fact, in conjunction with Newman's lemma [4], which says
that in the presence of termination local confluence and confluence coincide, has led in the last decade to a series
of important breakthroughs in the field of automated equational reasoning.

Until fairly recently, all attempts to lift the theory of TRSes to the higher-order case seemed to be
undermined by the presence of some well-known negative results in this setting, first among these the
undecidability of the general unification problem. The first important advance in overcoming these
difficulties is due to D. Miller [8], who identified a subclass of higher-order terms, called higher-order patterns,
for which the unification problem is decidable, and moreover uniqueness of most general unifiers holds. Making
use of this result, T. Nipkow [7, 9] was able to state and prove an analogue of the Critical Pair Lemma for
the case of higher-order, simply-typed TRSes. Nipkow's Higher Order Term Rewriting Systems (HTRS) are
similar to Klop's Combinatory Reduction Systems (CRS). For a detailed analysis of the relation between
these two, see [16]. In this paper we extend higher-order rewriting to a calculus with dependent types, as
presented in [3]. Our approach in the proof of most results, notably the Critical Pair Lemma, will follow
Nipkow's, though significant modifications are necessary due to the fact that here terms may appear
inside types.


2.  Preliminaries 

Definition 2.1. The LF calculus is a three-level calculus for terms, type families, and kinds:

$$\begin{array}{lrcl}
\text{Kinds} & K & := & \mathrm{type} \mid \Pi x{:}A.K \\
\text{Families} & A & := & a \mid \Pi x{:}A.B \mid A\,M \\
\text{Terms} & M & := & c \mid x \mid \lambda x{:}A.M \mid M\,N
\end{array}$$

In the following, $K$ denotes kinds; $A$, $B$ families; $M$, $N$ terms; $a$ stands for constants at the level of type
families, $c$ for constants at the level of terms, $x, y, z$ for variables.

We assume the usual notions of $\alpha$-, $\beta$- and $\eta$-reduction. All these notions, although defined on terms,
extend naturally by congruence to type families and kinds. All objects will be considered equal modulo
$\alpha$-conversion.

We denote by $\to^{=}_q$, $\to^{*}_q$ and $=_q$ the reflexive, reflexive-transitive, and reflexive-symmetric-transitive
closure, respectively, of $\to_q$, $q \in \{\alpha, \beta, \eta\}$; $=$ is the smallest equivalence relation including $=_\alpha$, $=_\beta$, $=_\eta$.

By $[N/x]M$ ($[N/x]A$, $[N/x]K$ respectively) we intend, as usual, the replacement of all the free occurrences
of $x$ by $N$ inside $M$ ($A$, $K$, respectively). As usual, $\alpha$-conversion will be used, if necessary, to ensure
that no free variable occurrence is captured inside the scope of a quantifier.

The notation $FV(E)$ and $BV(E)$ is used to denote the set of free and bound variables, respectively, in $E$,
where $E$ may be a term, a type family or a kind.

Definition 2.2. To define the class of well-typed kinds, type families, and terms we make use of signatures
and contexts:

$$\begin{array}{lrcl}
\text{Signatures} & \Sigma & := & \cdot \mid \Sigma, a : K \mid \Sigma, c : A \\
\text{Contexts} & \Gamma & := & \cdot \mid \Gamma, x : A
\end{array}$$

We will use $\Gamma$ and $\Delta$ to range over contexts.

Well-formed terms of a given type, type families, and kinds are then formed according to the judgements

$$\Gamma \vdash_\Sigma M : A \qquad \Gamma \vdash_\Sigma A : K \qquad \Gamma \vdash_\Sigma K\ \mathrm{Kind}$$

These in turn are defined in terms of the auxiliary judgements

$$\vdash \Sigma\ \mathrm{Sig} \qquad \vdash_\Sigma \Gamma\ \mathrm{Ctx}$$

which specify how valid signatures and contexts are formed.

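The rules for the calculus are listed below:

$$\frac{\Sigma(c) = A}{\Gamma \vdash_\Sigma c : A} \qquad \frac{\Gamma(x) = A}{\Gamma \vdash_\Sigma x : A}$$

$$\frac{\Gamma \vdash_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash_\Sigma M : B}{\Gamma \vdash_\Sigma \lambda x{:}A.M : \Pi x{:}A.B} \qquad \frac{\Gamma \vdash_\Sigma M : A \quad A = B \quad \Gamma \vdash_\Sigma B : \mathrm{type}}{\Gamma \vdash_\Sigma M : B}$$

$$\frac{\Gamma \vdash_\Sigma M : \Pi x{:}A.B \quad \Gamma \vdash_\Sigma N : A}{\Gamma \vdash_\Sigma M\,N : [N/x]B}$$

$$\frac{\Sigma(a) = K}{\Gamma \vdash_\Sigma a : K} \qquad \frac{\Gamma \vdash_\Sigma A : \Pi x{:}B.K \quad \Gamma \vdash_\Sigma M : B}{\Gamma \vdash_\Sigma A\,M : [M/x]K}$$

$$\frac{\Gamma \vdash_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash_\Sigma B : \mathrm{type}}{\Gamma \vdash_\Sigma \Pi x{:}A.B : \mathrm{type}} \qquad \frac{\Gamma \vdash_\Sigma A : K \quad K = K' \quad \Gamma \vdash_\Sigma K'\ \mathrm{Kind}}{\Gamma \vdash_\Sigma A : K'}$$

$$\frac{}{\Gamma \vdash_\Sigma \mathrm{type}\ \mathrm{Kind}} \qquad \frac{\Gamma \vdash_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash_\Sigma K\ \mathrm{Kind}}{\Gamma \vdash_\Sigma \Pi x{:}A.K\ \mathrm{Kind}}$$

$$\frac{}{\vdash_\Sigma \cdot\ \mathrm{Ctx}} \qquad \frac{\vdash_\Sigma \Gamma\ \mathrm{Ctx} \quad \Gamma \vdash_\Sigma A : \mathrm{type}}{\vdash_\Sigma \Gamma, x : A\ \mathrm{Ctx}}$$

$$\frac{}{\vdash \cdot\ \mathrm{Sig}} \qquad \frac{\vdash \Sigma\ \mathrm{Sig} \quad \vdash_\Sigma K\ \mathrm{Kind}}{\vdash \Sigma, a : K\ \mathrm{Sig}} \qquad \frac{\vdash \Sigma\ \mathrm{Sig} \quad \vdash_\Sigma A : \mathrm{type}}{\vdash \Sigma, c : A\ \mathrm{Sig}}$$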

We will use $M\,\overline{N}$ to denote the repeated application $M\,N_1\,N_2 \cdots N_n$; similarly for type families. The
notation $[\overline{N}/\overline{x}]$ will stand for the repeated replacement $[N_n/x_n] \ldots [N_1/x_1]$ rather than, as traditionally, for
the simultaneous one $[N_1/x_1, \ldots, N_n/x_n]$, which we will not need to use in this paper.

3.  Dependency  Relations 

Unlike in the simply-typed lambda-calculus, in the LF calculus replacing a subterm with another
of the same type inside a term may affect the type of the overall expression. The reason for this lies in the
definition of the rule for application:

$$\frac{\Gamma \vdash_\Sigma M : \Pi x{:}A.B \quad \Gamma \vdash_\Sigma N : A}{\Gamma \vdash_\Sigma M\,N : [N/x]B}$$

If we replace $N$ by another term $\Gamma \vdash_\Sigma N' : A$ we get an expression of a different (and not necessarily
equivalent) type:

$$\frac{\Gamma \vdash_\Sigma M : \Pi x{:}A.B \quad \Gamma \vdash_\Sigma N' : A}{\Gamma \vdash_\Sigma M\,N' : [N'/x]B}$$

Worse than that, the resulting expression may not be well-typed at all. Suppose that the expression above
was in turn a subterm in the expression:

$$\frac{\Gamma \vdash_\Sigma M' : \Pi y{:}[N/x]B.C \quad \Gamma \vdash_\Sigma M\,N : [N/x]B}{\Gamma \vdash_\Sigma M'\,(M\,N) : [(M\,N)/y]C}$$

Since in general $\Gamma \vdash_\Sigma M' : \Pi y{:}[N'/x]B.C$ may not hold, the expression we obtain after the replacement
is ill-typed.

This  problem  is  concretely  illustrated  by  the  following: 

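Example 1. Consider the following representation of a fragment of arithmetic:

$$\begin{array}{rcl}
\mathsf{nat} & : & \mathrm{type} \\
0 & : & \mathsf{nat} \\
s & : & \mathsf{nat} \Rightarrow \mathsf{nat} \\
+ & : & \mathsf{nat} \Rightarrow (\mathsf{nat} \Rightarrow \mathsf{nat})
\end{array}$$

where we used the notation $A \Rightarrow B$ and $A \Rightarrow K$ for the abstractions $\Pi x{:}A.B$ and $\Pi x{:}A.K$ where
$x \notin FV(B)$ and $x \notin FV(K)$, respectively.

We want now to formalize the (first-order) predicate "n is even", together with some inference rules that
allow us to decide if a number is even:

$$\begin{array}{rcl}
o & : & \mathrm{type} \\
\mathsf{proof} & : & o \Rightarrow \mathrm{type} \\
\mathsf{even} & : & \mathsf{nat} \Rightarrow o \\
\mathsf{even}_0 & : & \mathsf{proof}(\mathsf{even}\ 0) \\
\mathsf{even}_{ss} & : & \Pi x{:}\mathsf{nat}.\ \mathsf{proof}(\mathsf{even}\ x) \Rightarrow \mathsf{proof}(\mathsf{even}\ (s\ (s\ x))) \\
\mathsf{even}_{+} & : & \Pi x{:}\mathsf{nat}.\ \Pi y{:}\mathsf{nat}.\ \mathsf{proof}(\mathsf{even}\ x) \Rightarrow (\mathsf{proof}(\mathsf{even}\ y) \Rightarrow \mathsf{proof}(\mathsf{even}\ (+\ x\ y))) \\
\mathsf{even}_{s+} & : & \Pi x{:}\mathsf{nat}.\ \Pi y{:}\mathsf{nat}.\ \mathsf{proof}(\mathsf{even}\ (+\ x\ y)) \Rightarrow \mathsf{proof}(\mathsf{even}\ (+\ (s\ x)\ (s\ y)))
\end{array}$$

In this signature, for example, the term

$$\mathsf{even}_{+}\ 0\ (+\ 0\ 0)\ \mathsf{even}_0\ (\mathsf{even}_{+}\ 0\ 0\ \mathsf{even}_0\ \mathsf{even}_0)$$

is well typed, but rewriting $(+\ 0\ 0) \to 0 : \mathsf{nat}$ we get

$$\mathsf{even}_{+}\ 0\ 0\ \mathsf{even}_0\ (\mathsf{even}_{+}\ 0\ 0\ \mathsf{even}_0\ \mathsf{even}_0)$$

which is not.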

In  defining  a  notion  of  rewriting,  we  must  therefore  be  careful  to  rule  out  all  these  pathological  cases  that 
lead  to  ill-typed  expressions.  A  natural  way  to  do  this  is  to  make  use  of  dependency  relations. 

A signature $\Sigma$ implicitly describes a hierarchy of type families: more complex families may depend on
terms belonging to simpler ones defined before. For example, formalizing a proof system, one may start by
defining basic type families, one for terms and the other for formulas; the family of proofs may depend on
formulas, and, if some predicate symbols are defined, through these on terms. Dependency relations formalize
mathematically this idea by defining preorders over type constants, constructed by looking (recursively) at
the signature.

The  idea  of  using  dependency  relations  is  not  completely  new  in  LF.  They  have  also  been  used  in  [13] 
to  prove  well-foundedness  of  proofs  by  structural  induction.  In  this  paper,  we  will  use  them  to  obtain 
information  about  the  type  of  objects  appearing  inside  types,  and  in  turn  we  will  use  this  information  to 
define  a  notion  of  rewriting  which  is  sound  with  respect  to  type  checking. 

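Definition 3.1. Define

$$\mathrm{head}(\Pi x_1{:}A_1 \ldots \Pi x_n{:}A_n.\ a\,\overline{M}) = a.$$

Let $\Sigma_0$ be a signature; a pair $\prec_0 = (\prec^A_0, \prec^M_0)$ of binary transitive relations over the set of type constants of
$\Sigma_0$ is called a dependency relation if it satisfies the following conditions:

• $a_i \prec^A_0 a$ if $\Sigma_0(a) = \Pi x_1{:}A_1 \ldots \Pi x_n{:}A_n.\mathrm{type}$, $\mathrm{head}(A_i) = a_i$, $1 \le i \le n$;

• $a \prec^A_0 a'$ if, for some $b$, $a \prec^M_0 b \prec^A_0 a'$ or $a \prec^A_0 b \prec^M_0 a'$;

• $a \prec^M_0 b$ if $a \prec^A_0 b$;

• $\vdash^{\prec_0} \Sigma_0\ \mathrm{Sig}$;

where $\vdash^{\prec_0} \Sigma\ \mathrm{Sig}$ is defined (recursively) by the judgements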


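$$\frac{}{\vdash^{\prec_0} \cdot\ \mathrm{Sig}} \qquad \frac{\vdash^{\prec_0} \Sigma\ \mathrm{Sig} \quad \vdash^{\prec_0}_\Sigma K\ \mathrm{Kind}}{\vdash^{\prec_0} \Sigma, a : K\ \mathrm{Sig}} \qquad \frac{\vdash^{\prec_0} \Sigma\ \mathrm{Sig} \quad \vdash^{\prec_0}_\Sigma A : \mathrm{type}}{\vdash^{\prec_0} \Sigma, c : A\ \mathrm{Sig}}$$

$$\frac{\Sigma(a) = K}{\Gamma \vdash^{\prec_0}_\Sigma a : K} \qquad \frac{\Gamma \vdash^{\prec_0}_\Sigma A : \Pi x{:}B.K \quad \Gamma \vdash^{\prec_0}_\Sigma M : B}{\Gamma \vdash^{\prec_0}_\Sigma A\,M : [M/x]K}$$

$$\frac{\Gamma \vdash^{\prec_0}_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash^{\prec_0}_\Sigma B : \mathrm{type}}{\Gamma \vdash^{\prec_0}_\Sigma \Pi x{:}A.B : \mathrm{type}}$$

where $\mathrm{head}(A) \prec^M_0 \mathrm{head}(B)$ or $\mathrm{head}(A) = \mathrm{head}(B)$

$$\frac{\Gamma \vdash^{\prec_0}_\Sigma A : K \quad K = K' \quad \Gamma \vdash^{\prec_0}_\Sigma K'\ \mathrm{Kind}}{\Gamma \vdash^{\prec_0}_\Sigma A : K'}$$

$$\frac{\Sigma(c) = A}{\Gamma \vdash^{\prec_0}_\Sigma c : A} \qquad \frac{\Gamma(x) = A}{\Gamma \vdash^{\prec_0}_\Sigma x : A}$$

$$\frac{\Gamma \vdash^{\prec_0}_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash^{\prec_0}_\Sigma M : B}{\Gamma \vdash^{\prec_0}_\Sigma \lambda x{:}A.M : \Pi x{:}A.B}$$

where $\mathrm{head}(A) \prec^M_0 \mathrm{head}(B)$ or $\mathrm{head}(A) = \mathrm{head}(B)$

$$\frac{\Gamma \vdash^{\prec_0}_\Sigma M : \Pi x{:}A.B \quad \Gamma \vdash^{\prec_0}_\Sigma N : A}{\Gamma \vdash^{\prec_0}_\Sigma M\,N : [N/x]B} \qquad \frac{\Gamma \vdash^{\prec_0}_\Sigma M : A \quad A = A' \quad \Gamma \vdash^{\prec_0}_\Sigma A' : \mathrm{type}}{\Gamma \vdash^{\prec_0}_\Sigma M : A'}$$

$$\frac{}{\Gamma \vdash^{\prec_0}_\Sigma \mathrm{type}\ \mathrm{Kind}} \qquad \frac{\Gamma \vdash^{\prec_0}_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash^{\prec_0}_\Sigma K\ \mathrm{Kind}}{\Gamma \vdash^{\prec_0}_\Sigma \Pi x{:}A.K\ \mathrm{Kind}}$$

$$\frac{}{\vdash^{\prec_0}_\Sigma \cdot\ \mathrm{Ctx}} \qquad \frac{\vdash^{\prec_0}_\Sigma \Gamma\ \mathrm{Ctx} \quad \Gamma \vdash^{\prec_0}_\Sigma A : \mathrm{type}}{\vdash^{\prec_0}_\Sigma \Gamma, x : A\ \mathrm{Ctx}}$$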

Notation. By abuse of notation, given two type families $A$, $B$, we will write $A \prec^A B$ and $A \prec^M B$ for
$\mathrm{head}(A) \prec^A \mathrm{head}(B)$ and $\mathrm{head}(A) \prec^M \mathrm{head}(B)$, respectively. We will use $A \preceq^M B$ to say that $A \prec^M B$ or
$\mathrm{head}(A) = \mathrm{head}(B)$.

The idea underlying the introduction of the relations $\prec^A$ and $\prec^M$ is to restrict, using the $\vdash^\prec$ judgements,
the generation of valid terms and type families to those which preserve the dependencies generated by the
signature $\Sigma$; in particular, we want terms of type $A$ to be allowed to appear inside $B$ only if $A \prec^A B$, and
similarly terms of type $A$ will be subterms of terms of type $B$ only if $A \prec^M B$.

When looking for a dependency relation, we will usually prefer coarser ones, so that the class of dependency-preserving
terms (i.e. terms well typed according to the $\vdash^\prec_\Sigma$ judgement) is as wide as possible. In practice,
given a derivation of $\vdash \Sigma\ \mathrm{Sig}$, we will compute the minimum $\prec$ such that $\vdash^\prec \Sigma\ \mathrm{Sig}$ holds.

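Example 1. In our previous example about even numbers, the following is easily seen to be a dependency
relation:

$$\prec\ = (\{\mathsf{nat} \prec^A \mathsf{proof},\ o \prec^A \mathsf{proof}\},\ \{\mathsf{nat} \prec^M o,\ \mathsf{nat} \prec^M \mathsf{proof},\ o \prec^M \mathsf{proof}\})$$

The condition $o \prec^A \mathsf{proof}$ comes from the type of $\mathsf{proof}$; $\mathsf{nat} \prec^M o$ is obtained from type checking on
$\mathsf{even}$; finally $\mathsf{nat} \prec^A \mathsf{proof}$ since $\prec^A\ \supseteq\ \prec^M \cdot \prec^A$, and all the other pairs in $\prec^M$ follow from $\prec^M\ \supseteq\ \prec^A$.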

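Example 2. To demonstrate the gain in expressive power that the use of dependent types allows, we show
how the simply-typed lambda calculus can be formalized in this calculus. We will need two type families:
one, called $\mathsf{type}$, for types, and the second, $\mathsf{term}$, indexed by objects of the first, for terms.

$$\begin{array}{rcl}
\mathsf{type} & : & \mathrm{type} \\
\mathsf{arrow} & : & \mathsf{type} \Rightarrow (\mathsf{type} \Rightarrow \mathsf{type}) \\
\mathsf{term} & : & \mathsf{type} \Rightarrow \mathrm{type} \\
\mathsf{lambda} & : & \Pi x{:}\mathsf{type}.\ \Pi y{:}\mathsf{type}.\ ((\mathsf{term}\ x) \Rightarrow (\mathsf{term}\ y)) \Rightarrow \mathsf{term}(\mathsf{arrow}\ x\ y) \\
\mathsf{app} & : & \Pi x{:}\mathsf{type}.\ \Pi y{:}\mathsf{type}.\ (\mathsf{term}(\mathsf{arrow}\ x\ y)) \Rightarrow ((\mathsf{term}\ x) \Rightarrow (\mathsf{term}\ y))
\end{array}$$

For this system, a dependency relation is simply

$$\prec\ = (\{\mathsf{type} \prec^A \mathsf{term}\},\ \{\mathsf{type} \prec^M \mathsf{term}\})$$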
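
The relations given for the even-number signature and for the simply-typed lambda calculus can be recomputed mechanically. The Python sketch below is an added example, not code from the paper: it assumes Definition 3.1 amounts to the closure conditions "head(A_i) ≺^A a for every argument type A_i of a family constant a", "≺^M·≺^A and ≺^A·≺^M are contained in ≺^A", "≺^A is contained in ≺^M", together with the side condition head(A) ≺^M head(B) (or equal heads) for every Πx:A.B. The tuple encoding of types and all function names are hypothetical.

```python
# Added illustration: least dependency relation (rel_a, rel_m) of an LF signature.
# The tuple encoding and every name below are hypothetical, not from the paper.

KIND_TYPE = ("kind-type",)  # the kind `type`


def pi(dom, cod):
    """Pi x:dom. cod, also written dom => cod (binder names play no role here)."""
    return ("pi", dom, cod)


def fam(head_const, *args):
    """Atomic family `a M1 ... Mn`; the term arguments do not affect head()."""
    return ("fam", head_const, args)


def head(ty):
    """head(Pi x1:A1 ... Pi xn:An. a M) = a."""
    while ty[0] == "pi":
        ty = ty[2]
    return ty[1]


def pi_side_conditions(ty, rel_m):
    """Each Pi x:A.B inside a type needs head(A) <M head(B) unless heads coincide."""
    if ty[0] == "pi":
        a, b = head(ty[1]), head(ty[2])
        if a != b:
            rel_m.add((a, b))
        pi_side_conditions(ty[1], rel_m)
        pi_side_conditions(ty[2], rel_m)


def compose(r, s):
    """Pairs (a, c) such that a r b and b s c for some b."""
    return {(a, c) for (a, b) in r for (b2, c) in s if b == b2}


def dependency_relation(signature):
    """Return the least (rel_a, rel_m) closed under the assumed conditions."""
    rel_a, rel_m = set(), set()
    for name, classifier in signature:
        body = classifier
        while body[0] == "pi":
            body = body[2]
        if body == KIND_TYPE:
            # a : Pi x1:A1 ... Pi xn:An. type  yields  head(Ai) <A a
            kind = classifier
            while kind[0] == "pi":
                rel_a.add((head(kind[1]), name))
                pi_side_conditions(kind[1], rel_m)
                kind = kind[2]
        else:
            pi_side_conditions(classifier, rel_m)  # term constant c : A
    while True:  # saturate: transitivity, mixing of <M and <A, and <A inside <M
        new_a = (rel_a | compose(rel_a, rel_a)
                 | compose(rel_m, rel_a) | compose(rel_a, rel_m))
        new_m = rel_m | new_a | compose(rel_m, rel_m)
        if (new_a, new_m) == (rel_a, rel_m):
            return rel_a, rel_m
        rel_a, rel_m = new_a, new_m


def may_occur_inside_type(rel_a, term_ty, host_ty):
    """Terms of type term_ty may appear inside host_ty only if term_ty <A host_ty."""
    return (term_ty, host_ty) in rel_a


NAT, O, TY = fam("nat"), fam("o"), fam("type")


def P(t):  # proof(t); the index term is kept only as a label
    return fam("proof", t)


def T(t):  # term(t)
    return fam("term", t)


EXAMPLE_1 = [  # the even-number signature
    ("nat", KIND_TYPE), ("0", NAT), ("s", pi(NAT, NAT)),
    ("+", pi(NAT, pi(NAT, NAT))),
    ("o", KIND_TYPE), ("proof", pi(O, KIND_TYPE)), ("even", pi(NAT, O)),
    ("even0", P("even 0")),
    ("evenss", pi(NAT, pi(P("even x"), P("even (s (s x))")))),
    ("even+", pi(NAT, pi(NAT, pi(P("even x"),
                                 pi(P("even y"), P("even (+ x y)")))))),
    ("evens+", pi(NAT, pi(NAT, pi(P("even (+ x y)"),
                                  P("even (+ (s x) (s y))"))))),
]

EXAMPLE_2 = [  # the simply-typed lambda calculus signature
    ("type", KIND_TYPE), ("arrow", pi(TY, pi(TY, TY))),
    ("term", pi(TY, KIND_TYPE)),
    ("lambda", pi(TY, pi(TY, pi(pi(T("x"), T("y")), T("arrow x y"))))),
    ("app", pi(TY, pi(TY, pi(T("arrow x y"), pi(T("x"), T("y")))))),
]

if __name__ == "__main__":
    for sig in (EXAMPLE_1, EXAMPLE_2):
        rel_a, rel_m = dependency_relation(sig)
        print("A:", sorted(rel_a), " M:", sorted(rel_m))
```

Because nat ≺^A proof holds in the first signature, a rewrite on a subterm of type nat can change the type of a proof term, which is the situation the opening example of this section exhibits.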

Notation. In what follows, we will assume that a signature $\Sigma$ and a dependency relation $\prec$ for $\Sigma$ have
been fixed. Moreover, wherever a context $\Gamma$ is mentioned, we will tacitly assume it is well-typed and
dependency-preserving, i.e. $\vdash^\prec_\Sigma \Gamma\ \mathrm{Ctx}$.

We  state  below  a  few  properties  of  the  LF  calculus  that  continue  to  hold  when  restricting  ourselves  to 
dependency-preserving  terms: 

Proposition 3.2. If $\Gamma \vdash^\prec_\Sigma M : A$ and $N$ is a subterm of $M$, then there is $\Gamma' \supseteq \Gamma$ and type $A'$ such that

$$\Gamma' \vdash^\prec_\Sigma N : A'.$$

Proof. By induction on the derivation of $\Gamma \vdash^\prec_\Sigma M : A$. □

Notation. In the rest of this paper, we will write I I I/. A ; and ti \I. A j for the context $\Gamma'$ and type $A'$,
respectively, obtained by the Proposition above. Note that these are not unique, but depend on the particular
derivation of $\Gamma \vdash^\prec_\Sigma M : A$ considered. However, all these are easily seen to be equivalent when conversion
and variable renaming are taken into account.
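Proposition 3.3 (Weakening). Let $\Sigma' \subseteq \Sigma$, $\Gamma' \subseteq \Gamma$, and $\vdash^\prec_\Sigma \Gamma\ \mathrm{Ctx}$, then:

1. If $\Gamma' \vdash^\prec_{\Sigma'} M : A$ then $\Gamma \vdash^\prec_\Sigma M : A$.

2. If $\Gamma' \vdash^\prec_{\Sigma'} A : K$ then $\Gamma \vdash^\prec_\Sigma A : K$.

3. If $\Gamma' \vdash^\prec_{\Sigma'} K\ \mathrm{Kind}$ then $\Gamma \vdash^\prec_\Sigma K\ \mathrm{Kind}$.

Proof. By an easy induction on the derivations. □

Lemma 3.4 (Substitution). Let $\Gamma \vdash^\prec_\Sigma N : C$, then:

1. if $\Gamma, y : C, \Delta \vdash^\prec_\Sigma M : A$ then $\Gamma, [N/y]\Delta \vdash^\prec_\Sigma [N/y]M : [N/y]A$;

2. if $\Gamma, y : C, \Delta \vdash^\prec_\Sigma A : K$ then $\Gamma, [N/y]\Delta \vdash^\prec_\Sigma [N/y]A : [N/y]K$;

3. if $\Gamma, y : C, \Delta \vdash^\prec_\Sigma K\ \mathrm{Kind}$ then $\Gamma, [N/y]\Delta \vdash^\prec_\Sigma [N/y]K\ \mathrm{Kind}$.

Proof. By (simultaneous) induction on the size of the derivations. For term and type abstractions, one has
to observe that $\mathrm{head}([N/y]A) = \mathrm{head}(A)$. □


Lemma 3.5. We have:

1. $\Gamma \vdash^\prec_\Sigma M : A$ implies $\Gamma \vdash^\prec_\Sigma A : \mathrm{type}$;

2. $\Gamma \vdash^\prec_\Sigma A : K$ implies $\Gamma \vdash^\prec_\Sigma K\ \mathrm{Kind}$.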

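Proof. Both are proved by induction on the derivation.

• Type constant:

$$\frac{\Sigma(a) = K}{\Gamma \vdash^\prec_\Sigma a : K}$$

By inversion on the derivation of $\vdash^\prec \Sigma\ \mathrm{Sig}$ and Weakening.

• Type application:

$$\frac{\Gamma \vdash^\prec_\Sigma A : \Pi x{:}B.K \quad \Gamma \vdash^\prec_\Sigma M : B}{\Gamma \vdash^\prec_\Sigma A\,M : [M/x]K}$$

By inductive hypothesis we get $\Gamma \vdash^\prec_\Sigma \Pi x{:}B.K\ \mathrm{Kind}$. By inversion $\Gamma, x : B \vdash^\prec_\Sigma K\ \mathrm{Kind}$, hence by
Substitution the result.

• Type abstraction:

$$\frac{\Gamma \vdash^\prec_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash^\prec_\Sigma B : \mathrm{type}}{\Gamma \vdash^\prec_\Sigma \Pi x{:}A.B : \mathrm{type}} \quad A \preceq^M B$$

Trivial.

• Kind conversion:

$$\frac{\Gamma \vdash^\prec_\Sigma A : K' \quad K' = K \quad \Gamma \vdash^\prec_\Sigma K\ \mathrm{Kind}}{\Gamma \vdash^\prec_\Sigma A : K}$$

Trivial.

• Term constant:

$$\frac{\Sigma(c) = A}{\Gamma \vdash^\prec_\Sigma c : A}$$

By inversion on the derivation of $\vdash^\prec \Sigma\ \mathrm{Sig}$ and Weakening.

• Term variable:

$$\frac{\Gamma(x) = A}{\Gamma \vdash^\prec_\Sigma x : A}$$

By inversion on the derivation of $\vdash^\prec_\Sigma \Gamma\ \mathrm{Ctx}$ and Weakening.

• Term application:

$$\frac{\Gamma \vdash^\prec_\Sigma M : \Pi x{:}B.A \quad \Gamma \vdash^\prec_\Sigma N : B}{\Gamma \vdash^\prec_\Sigma M\,N : [N/x]A}$$

By inductive hypothesis we get $\Gamma \vdash^\prec_\Sigma \Pi x{:}B.A : \mathrm{type}$. By inversion, $\Gamma, x : B \vdash^\prec_\Sigma A : \mathrm{type}$, hence by
Substitution the result.

• Term abstraction:

$$\frac{\Gamma \vdash^\prec_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash^\prec_\Sigma M : B}{\Gamma \vdash^\prec_\Sigma \lambda x{:}A.M : \Pi x{:}A.B} \quad A \preceq^M B$$

By inductive hypothesis we get $\Gamma, x : A \vdash^\prec_\Sigma B : \mathrm{type}$, and, applying the type abstraction rule, the
result.

• Type conversion:

$$\frac{\Gamma \vdash^\prec_\Sigma M : A' \quad A' = A \quad \Gamma \vdash^\prec_\Sigma A : \mathrm{type}}{\Gamma \vdash^\prec_\Sigma M : A}$$

Trivial.

□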


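Corollary 3.6. The following holds:

1. If $\Gamma \vdash^\prec_\Sigma \Pi x{:}A.B : \mathrm{type}$ then $A \preceq^M B$.

2. If $\Gamma \vdash^\prec_\Sigma M : \Pi x{:}A.B$ then $A \preceq^M B$.

Proof. (1) is obtained immediately by inversion. For (2) we use the Lemma to conclude $\Gamma \vdash^\prec_\Sigma \Pi x{:}A.B : \mathrm{type}$,
and hence by (1) the result. □

The following result clarifies the motivating property of the two relations $\prec^A$ and $\prec^M$:

Lemma 3.7. Let $\vdash^\prec_\Sigma \Gamma, x : C\ \mathrm{Ctx}$,

1. if $\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : K$ and $x \in FV(A)$ then $C \prec^A A$;

2. if $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : A$ and $x \in FV(M)$ then $C \preceq^M A$.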

Proof. By (simultaneous) induction on both derivations. The cases when either $A$ or $M$ are constants, or $M$
is a variable are trivial. So are those for the conversion rules. The only interesting cases are, for both terms
and type families, application and abstraction:

• Type application:

$$\frac{\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \Pi y{:}B.K \quad \Gamma, x : C, \Delta \vdash^\prec_\Sigma M : B}{\Gamma, x : C, \Delta \vdash^\prec_\Sigma A\,M : [M/y]K}$$

If $x \in FV(A)$ we are done by inductive hypothesis on $\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \Pi y{:}B.K$, since $\mathrm{head}(A\,M) = \mathrm{head}(A)$.
Otherwise, if $x \in FV(M)$, then by the inductive hypothesis on $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : B$ we get
$C \preceq^M B$. By inversion, we easily see $A = a\,\overline{N}$ for some terms $\overline{N}$ and type family constant $a = \mathrm{head}(A)$;
then $\Sigma(a) = \Pi x_1{:}C_1 \ldots \Pi x_n{:}C_n.\mathrm{type}$ and $\mathrm{head}(B) = \mathrm{head}(C_i)$ for some $i$, so $B \prec^A A$; hence, we
conclude $C \prec^A A$.

• Type abstraction:

$$\frac{\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \mathrm{type} \quad \Gamma, x : C, \Delta, y : A \vdash^\prec_\Sigma B : \mathrm{type}}{\Gamma, x : C, \Delta \vdash^\prec_\Sigma \Pi y{:}A.B : \mathrm{type}} \quad A \preceq^M B$$

If $x \in FV(B)$ we are done by inductive hypothesis on $\Gamma, x : C, \Delta, y : A \vdash^\prec_\Sigma B : \mathrm{type}$, since
$\mathrm{head}(\Pi y{:}A.B) = \mathrm{head}(B)$. Otherwise, if $x \in FV(A)$, then by the inductive hypothesis on $\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \mathrm{type}$
we get $C \prec^A A$, and hence by the side condition the result.

• Term application:

$$\frac{\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : \Pi y{:}B.A \quad \Gamma, x : C, \Delta \vdash^\prec_\Sigma N : B}{\Gamma, x : C, \Delta \vdash^\prec_\Sigma M\,N : [N/y]A}$$

If $x \in FV(M)$ we are done by inductive hypothesis on $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : \Pi y{:}B.A$, since
$\mathrm{head}([N/y]A) = \mathrm{head}(\Pi y{:}B.A)$. Otherwise, if $x \in FV(N)$ by the inductive hypothesis on
$\Gamma, x : C, \Delta \vdash^\prec_\Sigma N : B$ we get $C \preceq^M B$. By Corollary 3.6, $B \preceq^M A$, and by transitivity we conclude
$C \preceq^M [N/y]A$.

• Term abstraction:

$$\frac{\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \mathrm{type} \quad \Gamma, x : C, \Delta, y : A \vdash^\prec_\Sigma M : B}{\Gamma, x : C, \Delta \vdash^\prec_\Sigma \lambda y{:}A.M : \Pi y{:}A.B} \quad A \preceq^M B$$

If $x \in FV(M)$ we are done by inductive hypothesis on $\Gamma, x : C, \Delta, y : A \vdash^\prec_\Sigma M : B$, since
$\mathrm{head}(\Pi y{:}A.B) = \mathrm{head}(B)$. Otherwise, if $x \in FV(A)$, then by the inductive hypothesis on $\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \mathrm{type}$
we get $C \prec^A A$, hence by the side condition and transitivity we conclude $C \prec^A \Pi y{:}A.B$.

□

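Definition 3.8. Environments are expressions with a "hole", which we will denote by $\circ$, constructed
according to the following syntax:

$$\text{Environments} \quad E := \circ \mid \lambda x{:}A.E \mid M\,E \mid E\,N$$

Well-typed environments are constructed by means of the judgement

$$\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$$

and the rules

$$\frac{\Gamma_0 \vdash^\prec_\Sigma A_0 : \mathrm{type} \quad \Gamma_0 \subseteq \Gamma}{\Gamma \vdash^\prec_\Sigma \circ[\Gamma_0 \vdash \circ : A_0] : A_0}$$

$$\frac{\Gamma \vdash^\prec_\Sigma A : \mathrm{type} \quad \Gamma, x : A \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : B}{\Gamma \vdash^\prec_\Sigma \lambda x{:}A.E[\Gamma_0 \vdash \circ : A_0] : \Pi x{:}A.B}$$

$$\frac{\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : \Pi x{:}A.B \quad \Gamma \vdash^\prec_\Sigma N : A}{\Gamma \vdash^\prec_\Sigma (E[\Gamma_0 \vdash \circ : A_0])\,N : [N/x]B}$$

$$\frac{\Gamma \vdash^\prec_\Sigma M : \Pi x{:}A.B \quad \Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A}{\Gamma \vdash^\prec_\Sigma M\,(E[\Gamma_0 \vdash \circ : A_0]) : B} \quad A_0 \nprec^A B$$

$$\frac{\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A \quad A = B \quad \Gamma \vdash^\prec_\Sigma B : \mathrm{type}}{\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : B}$$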

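Example 1. The environments

$$\mathsf{even}_{+}\ 0\ (\circ[\vdash \circ : \mathsf{nat}])$$

and

$$\mathsf{even}_{+}\ 0\ (\circ[\vdash \circ : \mathsf{nat}])\ (\mathsf{even}_{+}\ 0\ 0\ \mathsf{even}_0\ \mathsf{even}_0)$$

are not well-typed. This is because in the application

$$\frac{\vdash^\prec_\Sigma \mathsf{even}_{+}\ 0 : \Pi y{:}\mathsf{nat}.\ \mathsf{proof}(\mathsf{even}\ 0) \Rightarrow (\mathsf{proof}(\mathsf{even}\ y) \Rightarrow \mathsf{proof}(\mathsf{even}\ (+\ 0\ y))) \quad \vdash^\prec_\Sigma \circ[\vdash \circ : \mathsf{nat}] : \mathsf{nat}}{\vdash^\prec_\Sigma \mathsf{even}_{+}\ 0\ (\circ[\vdash \circ : \mathsf{nat}]) : \mathsf{proof}(\mathsf{even}\ 0) \Rightarrow (\mathsf{proof}(\mathsf{even}\ \circ) \Rightarrow \mathsf{proof}(\mathsf{even}\ (+\ 0\ \circ)))}$$

the side condition $\mathsf{nat} \nprec^A \mathsf{even}$ is violated.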
Notation. Given an environment $E$ and a term $M$, we will write $E[M]$ for the term obtained by replacing
the hole $\circ$ with $M$. Conversely, let $M$ be a term and $N$ an occurrence of one of its subterms, we will write
$M[\circ]_N$ for the environment (not necessarily well-typed) obtained from $M$ by replacing that occurrence of
$N$ by $\circ$.

The type of an environment depends, by the relation $\preceq^M$, on the type of its hole:

Proposition 3.9. If $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$ then $A_0 \preceq^M A$.

Proof. By induction on the derivation of $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$. All cases are trivial, except perhaps

$$\frac{\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A \quad \Gamma \vdash^\prec_\Sigma E_2[\Gamma_0 \vdash \circ : A_0] : B}{\Gamma \vdash^\prec_\Sigma M_1\,(E_2[\Gamma_0 \vdash \circ : A_0]) : A} \quad A_0 \nprec^A A$$

By inductive hypothesis, $A_0 \preceq^M B$. From $\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A$ one concludes $B \preceq^M A$. Hence by
transitivity $A_0 \preceq^M A$. □

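As expected, when the hole is replaced by an expression of compatible type, environments produce well-typed
expressions:

Lemma 3.10. If $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$, and $\Delta \vdash^\prec_\Sigma M : A_0$ with $\Delta \subseteq \Gamma_0$, then $\Gamma \vdash^\prec_\Sigma E[M] : A$.

Proof. By induction on $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$. The only interesting case is, as before,

$$\frac{\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A \quad \Gamma \vdash^\prec_\Sigma E_2[\Gamma_0 \vdash \circ : A_0] : B}{\Gamma \vdash^\prec_\Sigma M_1\,(E_2[\Gamma_0 \vdash \circ : A_0]) : A} \quad A_0 \nprec^A A$$

By induction hypothesis we get

$$\frac{\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A \quad \Gamma \vdash^\prec_\Sigma E_2[M] : B}{\Gamma \vdash^\prec_\Sigma M_1\,(E_2[M]) : [E_2[M]/x]A}$$

We are left to show that $x \notin FV(A)$, so that $[E_2[M]/x]A = A$. From $\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A$ we deduce
$\Gamma \vdash^\prec_\Sigma \Pi x{:}B.A : \mathrm{type}$, and by inversion $\Gamma, x : B \vdash^\prec_\Sigma A : \mathrm{type}$. Suppose $x \in FV(A)$, then $B \prec^A A$, and, since
from $\Gamma \vdash^\prec_\Sigma E_2[\Gamma_0 \vdash \circ : A_0] : A$ we get $A_0 \preceq^M B$, we conclude $A_0 \prec^A A$, a contradiction. □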

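In general the composition of two well-typed environments does not produce a well-typed environment. A
sufficient condition for this to happen is given by the following:

Proposition 3.11. Let $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$, $\Delta \vdash^\prec_\Sigma E'[\Gamma \vdash \circ : A] : A'$ be two environments; if $A \preceq^M A_0$
then $\Delta \vdash^\prec_\Sigma E'[E[\Gamma_0 \vdash \circ : A_0]] : A'$.

Proof. By an easy induction on $\Delta \vdash^\prec_\Sigma E'[\Gamma \vdash \circ : A] : A'$. We show the case

$$\frac{\Delta \vdash^\prec_\Sigma M_1' : \Pi x{:}B'.A' \quad \Delta \vdash^\prec_\Sigma E_2'[\Gamma \vdash \circ : A] : B'}{\Delta \vdash^\prec_\Sigma M_1'\,(E_2'[\Gamma \vdash \circ : A]) : A'} \quad A \nprec^A A'$$

By inductive hypothesis we obtain $\Delta \vdash^\prec_\Sigma E_2'[E[\Gamma_0 \vdash \circ : A_0]] : B'$. If $A_0 \prec^A A'$, from the assumption
$A \preceq^M A_0$ we get $A \prec^A A'$, a contradiction. Hence

$$\frac{\Delta \vdash^\prec_\Sigma M_1' : \Pi x{:}B'.A' \quad \Delta \vdash^\prec_\Sigma E_2'[E[\Gamma_0 \vdash \circ : A_0]] : B'}{\Delta \vdash^\prec_\Sigma M_1'\,(E_2'[E[\Gamma_0 \vdash \circ : A_0]]) : A'} \quad A_0 \nprec^A A'$$

□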

The following shows that environments behave nicely with respect to $\beta$-reduction:

Lemma 3.12. Let $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : A$ be any term and $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : C$ an environment; if
$A_0 \nprec^A A$, then for any occurrence of $x$ in $M$ we have $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M[E[\Gamma_0 \vdash \circ : A_0]]_x : A$.

Proof. By induction on the derivation of $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : A$. Most of the cases are trivial; one interesting
case is abstraction, since we have in particular to make sure that $x$ cannot appear inside the type:

$$\frac{\Gamma, x : C, \Delta \vdash^\prec_\Sigma A : \mathrm{type} \quad \Gamma, x : C, \Delta, y : A \vdash^\prec_\Sigma M : B}{\Gamma, x : C, \Delta \vdash^\prec_\Sigma \lambda y{:}A.M : \Pi y{:}A.B} \quad A \preceq^M B$$

If $x \in FV(A)$ then $C \prec^A A$, and, by the side condition, $C \prec^A \Pi y{:}A.B$. From $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : C$
we get $A_0 \preceq^M C$, hence $A_0 \prec^A \Pi y{:}A.B$, a contradiction to the assumptions. So it must be $x \in FV(M)$, and
the result follows by induction hypothesis.

Another interesting case is application, where $x$ appears on the right-hand side:

$$\frac{\Gamma, x : C, \Delta \vdash^\prec_\Sigma M : \Pi y{:}B.A \quad \Gamma, x : C, \Delta \vdash^\prec_\Sigma N : B}{\Gamma, x : C, \Delta \vdash^\prec_\Sigma M\,N : [N/y]A}$$

Note that the side condition in the corresponding rule for environments is automatically guaranteed by
the hypotheses. We are left to show that $y$ does not appear in $A$ and that $A_0 \nprec^A B$.

Since we are assuming $x \in FV(N)$, $C \preceq^M B$. If $y \in FV(A)$ then $B \prec^A A$, hence $C \prec^A A$, and, since
$A_0 \preceq^M C$, we obtain a contradiction. Similarly $A_0 \nprec^A B$, because otherwise we would get, from $B \preceq^M A$,
$A_0 \prec^A A$, again a contradiction. Having shown these two simple facts, the result follows by inductive
hypothesis on $\Gamma, x : C, \Delta \vdash^\prec_\Sigma N : A$. □

Corollary 3.13. If $\Gamma \vdash^\prec_\Sigma (\lambda x{:}A.M)\,(E[\Gamma_0 \vdash \circ : A_0]) : B$ then for all the occurrences of $x$ in $M$ we have

$$\Gamma, x : A \vdash^\prec_\Sigma M[E[\Gamma_0 \vdash \circ : A_0]]_x : B.$$

Proof. By inversion (and type conversion, if necessary), we get $\Gamma, x : A \vdash^\prec_\Sigma M : B$, $\Gamma \vdash^\prec_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$,
and $A_0 \nprec^A B$. The result then follows by the Lemma. □


4. Substitutions

In [9], the definition of substitution makes use of the existence and uniqueness of long $\beta\eta$-normal forms.
In the LF calculus, these find an analogue in the concept of canonical form:

Definition 4.1. We define canonical forms for terms and type families by the judgements

$$\begin{array}{ll}
\Gamma \vdash_\Sigma M \Downarrow A & M \text{ is canonical of type } A \\
\Gamma \vdash_\Sigma A \Downarrow \mathrm{type} & A \text{ is a canonical type} \\
\Gamma \vdash_\Sigma M \downarrow A & M \text{ is atomic of type } A \\
\Gamma \vdash_\Sigma A \downarrow K & A \text{ is atomic of type } K
\end{array}$$

formed according to the following inference rules:


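$$\frac{\Gamma \vdash_\Sigma A \Downarrow \mathrm{type} \quad \Gamma, x : A \vdash_\Sigma M \Downarrow B}{\Gamma \vdash_\Sigma \lambda x{:}A.M \Downarrow \Pi x{:}A.B} \qquad \frac{\Gamma \vdash_\Sigma A \downarrow \mathrm{type} \quad \Gamma \vdash_\Sigma M \downarrow A}{\Gamma \vdash_\Sigma M \Downarrow A}$$

$$\frac{\Gamma \vdash_\Sigma M \Downarrow A \quad A = B \quad \Gamma \vdash_\Sigma B : \mathrm{type}}{\Gamma \vdash_\Sigma M \Downarrow B}$$

$$\frac{\Sigma(c) = A}{\Gamma \vdash_\Sigma c \downarrow A} \qquad \frac{\Gamma(x) = A}{\Gamma \vdash_\Sigma x \downarrow A}$$

$$\frac{\Gamma \vdash_\Sigma M \downarrow \Pi x{:}A.B \quad \Gamma \vdash_\Sigma N \Downarrow A}{\Gamma \vdash_\Sigma M\,N \downarrow [N/x]B} \qquad \frac{\Gamma \vdash_\Sigma M \downarrow A \quad A = B \quad \Gamma \vdash_\Sigma B : \mathrm{type}}{\Gamma \vdash_\Sigma M \downarrow B}$$

$$\frac{\Sigma(a) = K}{\Gamma \vdash_\Sigma a \downarrow K} \qquad \frac{\Gamma \vdash_\Sigma A \downarrow \Pi x{:}B.K \quad \Gamma \vdash_\Sigma M \Downarrow B}{\Gamma \vdash_\Sigma A\,M \downarrow [M/x]K}$$

$$\frac{\Gamma \vdash_\Sigma A \downarrow K \quad K = K' \quad \Gamma \vdash_\Sigma K'\ \mathrm{Kind}}{\Gamma \vdash_\Sigma A \downarrow K'}$$

$$\frac{\Gamma \vdash_\Sigma A \Downarrow \mathrm{type} \quad \Gamma, x : A \vdash_\Sigma B \Downarrow \mathrm{type}}{\Gamma \vdash_\Sigma \Pi x{:}A.B \Downarrow \mathrm{type}} \qquad \frac{\Gamma \vdash_\Sigma A \downarrow \mathrm{type}}{\Gamma \vdash_\Sigma A \Downarrow \mathrm{type}}$$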

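Theorem 4.2. Let $\vdash_\Sigma \Gamma\ \mathrm{Ctx}$, then

1. If $\Gamma \vdash_\Sigma M \downarrow A$ then $\Gamma \vdash_\Sigma M : A$.

2. If $\Gamma \vdash_\Sigma A \downarrow K$ then $\Gamma \vdash_\Sigma A : K$.

3. If $\Gamma \vdash_\Sigma M \Downarrow A$ then $\Gamma \vdash_\Sigma M : A$.

4. If $\Gamma \vdash_\Sigma A \Downarrow \mathrm{type}$ then $\Gamma \vdash_\Sigma A : \mathrm{type}$.

5. If $\Gamma \vdash_\Sigma M : A$ then there is a unique $M'$ such that $M' = M$ and $\Gamma \vdash_\Sigma M' \Downarrow A$.

6. If $\Gamma \vdash_\Sigma A : \mathrm{type}$ then there is a unique $A'$ such that $A = A'$ and $\Gamma \vdash_\Sigma A' \Downarrow \mathrm{type}$.

Proof. See [1], [2], [15]. □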

In  light  of  the  previous  section,  our  goal  is  to  show  that  if  a  well-typed  term  or  type  family  respects  the 
dependencies,  so  does  its  canonical  form. 

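Notation. We will make use of the following abbreviations:

$$\begin{array}{lcl}
\Gamma \vdash^\prec_\Sigma M \Downarrow A & \Longleftrightarrow & \Gamma \vdash_\Sigma M \Downarrow A \text{ and } \Gamma \vdash^\prec_\Sigma M : A \\
\Gamma \vdash^\prec_\Sigma A \Downarrow \mathrm{type} & \Longleftrightarrow & \Gamma \vdash_\Sigma A \Downarrow \mathrm{type} \text{ and } \Gamma \vdash^\prec_\Sigma A : \mathrm{type} \\
\Gamma \vdash^\prec_\Sigma M \downarrow A & \Longleftrightarrow & \Gamma \vdash_\Sigma M \downarrow A \text{ and } \Gamma \vdash^\prec_\Sigma M : A \\
\Gamma \vdash^\prec_\Sigma A \downarrow K & \Longleftrightarrow & \Gamma \vdash_\Sigma A \downarrow K \text{ and } \Gamma \vdash^\prec_\Sigma A : K
\end{array}$$

The inversion properties for the judgements $\Gamma \vdash^\prec_\Sigma M \downarrow A$ and $\Gamma \vdash^\prec_\Sigma M \Downarrow A$ are non-trivial enough to be
worth being stated and proved explicitly: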

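Proposition 4.3 (Inversion). We have:

1. If $\Gamma \vdash^\prec_\Sigma M : \Pi x{:}A.B$, $\Gamma \vdash^\prec_\Sigma N : A$, and $\Gamma \vdash_\Sigma M\,N \downarrow C$ then $\Gamma \vdash^\prec_\Sigma M \downarrow \Pi x{:}A.B$ and $\Gamma \vdash^\prec_\Sigma N \Downarrow A$.

2. If $\Gamma, x : A \vdash^\prec_\Sigma M : B$, and $\Gamma \vdash_\Sigma (\lambda x{:}A.M) \Downarrow C$ then $\Gamma, x : A \vdash^\prec_\Sigma M \Downarrow B$.

3. If $\Gamma \vdash^\prec_\Sigma M : A$, $A = A'$, $\Gamma \vdash_\Sigma A' \downarrow \mathrm{type}$, and $\Gamma \vdash_\Sigma M \Downarrow C$ then $\Gamma \vdash^\prec_\Sigma M \downarrow A$.

Proof. (1) By induction on the derivation of $\Gamma \vdash_\Sigma M\,N \downarrow C$. There are only two cases:

• Application:

$$\frac{\Gamma \vdash_\Sigma M \downarrow \Pi x{:}A'.B' \quad \Gamma \vdash_\Sigma N \Downarrow A'}{\Gamma \vdash_\Sigma M\,N \downarrow [N/x]B'}$$

From $\Gamma \vdash^\prec_\Sigma M : \Pi x{:}A.B$ we get $\Gamma \vdash^\prec_\Sigma \Pi x{:}A.B : \mathrm{type}$, and by inversion $\Gamma \vdash^\prec_\Sigma A : \mathrm{type}$. The result
then follows from $\Gamma \vdash_\Sigma M \downarrow \Pi x{:}A'.B'$ and $\Gamma \vdash_\Sigma N \Downarrow A'$ by conversion, since $A = A'$ and $B = B'$.

• Conversion:

$$\frac{\Gamma \vdash_\Sigma M\,N \downarrow C' \quad C' = C \quad \Gamma \vdash_\Sigma C : \mathrm{type}}{\Gamma \vdash_\Sigma M\,N \downarrow C}$$

Immediate by inductive hypothesis.

The proofs of (2) and (3) are similar. □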

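The following (quite technical) lemmas show that the class of dependency-preserving terms is closed with
respect to $\beta$- and $\eta$-reduction, and also, under some circumstances, under $\eta$-expansion.

Lemma 4.4. If $\Gamma \vdash^\prec_\Sigma M : A$ and $M \to_\beta M'$ then $\Gamma \vdash^\prec_\Sigma M' : A$.

Proof. By induction on the derivation of $\Gamma \vdash^\prec_\Sigma M : A$. Application is the only interesting case:

$$\frac{\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A \quad \Gamma \vdash^\prec_\Sigma M_2 : B}{\Gamma \vdash^\prec_\Sigma M_1\,M_2 : [M_2/x]A}$$

We have to distinguish three possible subcases:

• $M_1\,M_2 \to_\beta M_1'\,M_2$

By inductive hypothesis $\Gamma \vdash^\prec_\Sigma M_1' : \Pi x{:}B.A$, hence the result.

• $M_1\,M_2 \to_\beta M_1\,M_2'$

By inductive hypothesis $\Gamma \vdash^\prec_\Sigma M_2' : B$. From $\Gamma \vdash^\prec_\Sigma M_1\,M_2 : [M_2/x]A$ we get $\Gamma \vdash^\prec_\Sigma [M_2/x]A : \mathrm{type}$,
and clearly $[M_2/x]A = [M_2'/x]A$, so

$$\frac{\dfrac{\Gamma \vdash^\prec_\Sigma M_1 : \Pi x{:}B.A \quad \Gamma \vdash^\prec_\Sigma M_2' : B}{\Gamma \vdash^\prec_\Sigma M_1\,M_2' : [M_2'/x]A} \quad [M_2'/x]A = [M_2/x]A \quad \Gamma \vdash^\prec_\Sigma [M_2/x]A : \mathrm{type}}{\Gamma \vdash^\prec_\Sigma M_1\,M_2' : [M_2/x]A}$$

• $(\lambda x{:}B'.M_1')\,M_2 \to_\beta [M_2/x]M_1'$

By inversion and type conversion, $\Gamma, x : B' \vdash^\prec_\Sigma M_1' : A$ and $\Gamma \vdash^\prec_\Sigma M_2 : B'$. The result then follows
by Substitution.

□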


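Corollary 4.5. If $\Gamma \vdash^\prec_\Sigma M : A$ and $M \to^{*}_\beta M'$ then $\Gamma \vdash^\prec_\Sigma M' : A$.

Lemma 4.6. If $\Gamma \vdash^\prec_\Sigma M : A$ and $M \to_\eta M'$ then $\Gamma \vdash^\prec_\Sigma M' : A$.

Proof. By induction on the derivation of $\Gamma \vdash^\prec_\Sigma M : A$. Abstraction is the only interesting case:

$$\frac{\Gamma \vdash^\prec_\Sigma B : \mathrm{type} \quad \Gamma, x : B \vdash^\prec_\Sigma M_1 : A}{\Gamma \vdash^\prec_\Sigma \lambda x{:}B.M_1 : \Pi x{:}B.A} \quad B \preceq^M A$$

We have to distinguish two possible subcases:

• $\lambda x{:}B.M_1 \to_\eta \lambda x{:}B.M_1'$

By inductive hypothesis $\Gamma, x : B \vdash^\prec_\Sigma M_1' : A$, hence the result.

• $\lambda x{:}B.M_1 = \lambda x{:}B.(M_1'\,x) \to_\eta M_1'$

By inversion (and type conversion, if necessary) $\Gamma \vdash^\prec_\Sigma M_1' : \Pi x{:}B.A$.

□

Corollary 4.7. If $\Gamma \vdash^\prec_\Sigma M : A$ and $M \to^{*}_\eta M'$ then $\Gamma \vdash^\prec_\Sigma M' : A$.

Lemma 4.8. If $\Gamma \vdash^\prec_\Sigma M \downarrow C$, then there is $M' \to^{*}_\eta M$ such that $\Gamma \vdash^\prec_\Sigma M' \Downarrow C$.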
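Proof. The induction is on the structure of $C$:

• Case $C = \Pi x{:}A.B$:

From the assumptions, one gets $\Gamma \vdash^\prec_\Sigma \Pi x{:}A.B : \mathrm{type}$, and by inversion, $\Gamma \vdash^\prec_\Sigma A : \mathrm{type}$, so
$\Gamma, x : A \vdash^\prec_\Sigma x \downarrow A$ and by inductive hypothesis we get an $N \to^{*}_\eta x$ such that $\Gamma, x : A \vdash^\prec_\Sigma N \Downarrow A$.
By inversion again, from $\Gamma \vdash^\prec_\Sigma \Pi x{:}A.B : \mathrm{type}$ one also gets $\Gamma, x : A \vdash^\prec_\Sigma B : \mathrm{type}$, and since
$\Gamma, x : A \vdash^\prec_\Sigma M\,N \downarrow B$, we can apply the inductive hypothesis once more to get an $M' \to^{*}_\eta M\,N$ such
that $\Gamma, x : A \vdash^\prec_\Sigma M' \Downarrow B$. Then $\lambda x{:}A.M'$ is as required.

• Case $C = A\,N$ or $C = a$:

From the assumptions $\Gamma \vdash^\prec_\Sigma C : \mathrm{type}$, and by Theorem 4.2 there is $C' = C$ such that $\Gamma \vdash_\Sigma C' \Downarrow \mathrm{type}$.
By inversion then $\Gamma \vdash_\Sigma C' \downarrow \mathrm{type}$, and, since $\Gamma \vdash_\Sigma M \downarrow C'$ by type conversion, we get $\Gamma \vdash_\Sigma M \Downarrow C'$.
By conversion again, we get finally $\Gamma \vdash_\Sigma M \Downarrow C$.

□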

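Proposition 4.9. Let $C = C'$, $\Gamma \vdash^\prec_\Sigma C' : \mathrm{type}$, then:

1. If $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M \Downarrow A$ then $\Gamma, x : C', \Delta \vdash^\prec_\Sigma M \Downarrow A$.

2. If $\Gamma, x : C, \Delta \vdash^\prec_\Sigma A \Downarrow \mathrm{type}$ then $\Gamma, x : C', \Delta \vdash^\prec_\Sigma A \Downarrow \mathrm{type}$.

3. If $\Gamma, x : C, \Delta \vdash^\prec_\Sigma M \downarrow A$ then $\Gamma, x : C', \Delta \vdash^\prec_\Sigma M \downarrow A$.

4. If $\Gamma, x : C, \Delta \vdash^\prec_\Sigma A \downarrow K$ then $\Gamma, x : C', \Delta \vdash^\prec_\Sigma A \downarrow K$.

Proof. By an easy induction on the derivations. Replace

$$\Gamma, x : C, \Delta \vdash^\prec_\Sigma x \downarrow C$$

with

$$\frac{\Gamma, x : C', \Delta \vdash^\prec_\Sigma x \downarrow C' \quad C' = C \quad \Gamma, x : C', \Delta \vdash^\prec_\Sigma C : \mathrm{type}}{\Gamma, x : C', \Delta \vdash^\prec_\Sigma x \downarrow C}$$

□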


Theorem  4.10.  We  have: 

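1. If $\Gamma \vdash_\Sigma M : A$ then there is a $M' = M$ such that $\Gamma \vdash_\Sigma M' \Downarrow A$.

2. If $\Gamma \vdash_\Sigma A : \mathrm{type}$ then there is a $A' = A$ such that $\Gamma \vdash_\Sigma A' \Downarrow \mathrm{type}$.

3. If $\Gamma \vdash_\Sigma M : A$ and $M = h\,N$ where $h$ constant or variable, then there is a $M' = M$ such that $\Gamma \vdash_\Sigma M' \downarrow A$.

4. If $\Gamma \vdash_\Sigma A : K$ and $A = a\,N$, then there is a $A' = A$ such that $\Gamma \vdash_\Sigma A' \downarrow K$.

Proof. By (simultaneous) inductions on the derivations. By Corollary 4.5, in (1) and (3) we will furthermore assume, without loss of generality, $M$ in $\beta$-normal form.

• Type constant:

$$\frac{\Sigma(a) = K}{\Gamma \vdash_\Sigma a : K}$$

We have immediately $\Gamma \vdash_\Sigma a \downarrow K$. If $K = \mathrm{type}$, we have also $\Gamma \vdash_\Sigma a \Downarrow \mathrm{type}$.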

•  Type  application: 

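$$\frac{\Gamma \vdash_\Sigma A : \Pi x : B. K \qquad \Gamma \vdash_\Sigma M : B}{\Gamma \vdash_\Sigma A\, M : [M/x]K}$$

By inversion we easily see $A = a\,N$, hence by inductive hypothesis we get $A' = A$ and $M' = M$ such that $\Gamma \vdash_\Sigma A' \downarrow \Pi x : B. K$ and $\Gamma \vdash_\Sigma M' \Downarrow B$, and therefore $\Gamma \vdash_\Sigma A'\, M' \downarrow [M'/x]K$.

From $\Gamma \vdash_\Sigma A : \Pi x : B. K$ we get $\Gamma \vdash_\Sigma \Pi x : B. K\ \mathrm{Kind}$, and by inversion $\Gamma, x : B \vdash_\Sigma K\ \mathrm{Kind}$. Therefore by Substitution $\Gamma \vdash_\Sigma [M/x]K\ \mathrm{Kind}$, and hence by conversion $\Gamma \vdash_\Sigma A'\, M' \downarrow [M/x]K$. If $K = \mathrm{type}$, we have also $\Gamma \vdash_\Sigma A'\, M' \Downarrow \mathrm{type}$.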
• Type abstraction:

n~ v -4: type  T,x:A\-^B:type  M 
rb^ILcK.Ktype  -s  B 

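From the inductive hypotheses we get $A' = A$ and $B' = B$ such that $\Gamma \vdash_\Sigma A' \Downarrow \mathrm{type}$ and $\Gamma, x : A \vdash_\Sigma B' \Downarrow \mathrm{type}$. Using Proposition 4.9 we conclude $\Gamma \vdash_\Sigma \Pi x : A'. B' \Downarrow \mathrm{type}$.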

•  Kind  conversion: 

$$\frac{\Gamma \vdash_\Sigma A : K \qquad K = K' \qquad \Gamma \vdash_\Sigma K'\ \mathrm{Kind}}{\Gamma \vdash_\Sigma A : K'}$$

Immediate  from  inductive  hypothesis. 


•  Term  constant: 

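$$\frac{\Sigma(c) = A}{\Gamma \vdash_\Sigma c : A}$$

We get immediately $\Gamma \vdash_\Sigma c \downarrow A$; (1) then follows from Lemma 4.8.

• Term variable:

$$\frac{\Gamma(x) = A}{\Gamma \vdash_\Sigma x : A}$$

We get immediately $\Gamma \vdash_\Sigma x \downarrow A$; (1) then follows from Lemma 4.8.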

•  Term  application: 

T\-^M:Tlx:B.A  l'K  N:B 
l'K:  4/  .Y:[.Y/.b  4 

Since  M  in  /3-normal  form,  by  inductive  hypothesis  we  get  M'  =  M  and  N'  =  N'  such  that  L  by  M'  i 
n:r  :  B.A  and  T  hg  N'  f|  B.  and  hence  F  %  M'N'  i  [4 1. 

From  r  by  M  :  II.c  :  B.A  we  get  F  by  Il.r  :  B.A  type,  and  by  inversion  F.  x  :  B  by  .4  type. 
Therefore  by  Substitution  T  by  \M/x\A  Kind,  and  hence  by  type  conversion  T  by  M'N'  i  \M/x]A. 
Once  again,  (1)  follows  from  Lemma  4.8. 


•  Term  abstraction: 

rby.4:type  T..r:A\-^M:B 
— a — 7—— - 2 -  A<MP 

T\-£\x:A.M:Tlx:A.B 

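From the inductive hypotheses we get $A' = A$ and $M' = M$ such that $\Gamma \vdash_\Sigma A' \Downarrow \mathrm{type}$ and $\Gamma, x : A \vdash_\Sigma M' \Downarrow B$. By Proposition 4.9 one obtains $\Gamma \vdash_\Sigma \lambda x : A'. M' \Downarrow \Pi x : A'. B$.

From $\Gamma \vdash_\Sigma \lambda x : A. M : \Pi x : A. B$ we get $\Gamma \vdash_\Sigma \Pi x : A. B : \mathrm{type}$, and therefore by type conversion $\Gamma \vdash_\Sigma \lambda x : A'. M' \Downarrow \Pi x : A. B$.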


•  Type  conversion: 


$$\frac{\Gamma \vdash_\Sigma M : A \qquad A = A' \qquad \Gamma \vdash_\Sigma A' : \mathrm{type}}{\Gamma \vdash_\Sigma M : A'}$$


Immediate  by  inductive  hypothesis. 


□ 


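Corollary 4.11. If $\Gamma \vdash_\Sigma M : A$ then there are $M'$, $M''$ such that $M \to_\beta^* M'$, $M'' \to_\eta^* M'$, $\Gamma \vdash_\Sigma M'' \Downarrow A$.

Proof. By inspection of the proof of Theorem 4.10 and commutativity of $\beta$ reduction and $\eta$ expansion. □

Notation. Given a well-typed term $M$ or a type family $A$, we will denote their canonical form by $M{\Downarrow}$ and $A{\Downarrow}$ respectively.

Lemma 4.12. Let $\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$ an environment and $\Gamma_0 \vdash_\Sigma M : A_0$ a compatible term.

1. If $\Gamma \vdash_\Sigma E[M] \Downarrow A$ then $\Gamma_0 \vdash_\Sigma M \Downarrow A_0$ or $\Gamma_0 \vdash_\Sigma M \downarrow A_0$. Moreover, if $\Gamma_0 \vdash_\Sigma M \Downarrow A_0$ ($\Gamma_0 \vdash_\Sigma M \downarrow A_0$) then for all $\Gamma_0 \vdash_\Sigma N \Downarrow A_0$ ($\Gamma_0 \vdash_\Sigma N \downarrow A_0$) we have $\Gamma \vdash_\Sigma E[N] \Downarrow A$.

2. If $\Gamma \vdash_\Sigma E[M] \downarrow A$ then $\Gamma_0 \vdash_\Sigma M \Downarrow A_0$ or $\Gamma_0 \vdash_\Sigma M \downarrow A_0$. Moreover, if $\Gamma_0 \vdash_\Sigma M \Downarrow A_0$ ($\Gamma_0 \vdash_\Sigma M \downarrow A_0$) then for all $\Gamma_0 \vdash_\Sigma N \Downarrow A_0$ ($\Gamma_0 \vdash_\Sigma N \downarrow A_0$) we have $\Gamma \vdash_\Sigma E[N] \downarrow A$.

Proof. By induction on $\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$, using Lemma 3.10 and Inversion. □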

Definition 4.13. Given two contexts $\Gamma$ and $\Delta$, a substitution from $\Gamma$ to $\Delta$ is a type-preserving, finite-support mapping from variables to terms $\theta : \Gamma \to \Delta$ formed according to the following rules:


•: — A 


f.ii— >4/  } : I  — r A  A\sNif\M /x\A 
[ A  ]  ;i  I '.</:  4  )-  r  A 

Dependency-preserving substitutions are defined by the rules:


■:-4a 

-} 4  /  j:  I  —r .A  Ab4Y41[I7/^].4 
{x^M.y^N}:(T.y:A)^A 

Definition 4.14. Given any well-typed term $\Gamma \vdash_\Sigma M : A$ and substitution $\theta = \{x \mapsto N\} : \Gamma \to \Delta$, define $\theta M$ to be the (unique) canonical form of

$\Delta \vdash_\Sigma [N/x]M : [N/x]A$

Similarly, given $\Gamma \vdash_\Sigma A : \mathrm{type}$ we also define $\theta A$.

Note that here, in analogy to [9], we define the result of a substitution application to be a canonical term.
This  will  simplify  considerably  some  proofs  in  the  next  section. 

Definition  4.15.  We  define: 

1. Given two substitutions $\theta_1 = \{x \mapsto M\} : \Gamma_1 \to \Gamma_2$ and $\theta_2 : \Gamma_2 \to \Gamma_3$, the composition $\theta_2 \circ \theta_1$ is the substitution $\theta_2 \circ \theta_1 = \{x \mapsto \theta_2 M\} : \Gamma_1 \to \Gamma_3$.

2. A substitution $\theta = \{x \mapsto M\} : \Gamma \to \Delta$ is a renaming if all the terms $M_i$ are (convertible to) distinct variables.

3. A substitution $\theta_1 : \Gamma \to \Delta$ is said to be more general than $\theta_2 : \Gamma \to \Delta'$ if there is $\rho : \Delta \to \Delta'$ such that $\theta_2 = \rho \circ \theta_1$.

4. Given two well typed terms $\Gamma \vdash_\Sigma M : A$ and $\Gamma \vdash_\Sigma N : A$, a substitution $\theta : \Gamma \to \Delta$ is said to be a unifier of $M$ and $N$ if $\theta M = \theta N$; $M$ and $N$ are then said to unify.

The  class  of  dependency-preserving  terms  is  closed  with  respect  to  substitution  application: 

Proposition 4.16. Let $\theta = \{x \mapsto N\} : \Gamma \to \Delta$.

1. If $\Gamma \vdash_\Sigma M : A$ then $\Delta \vdash_\Sigma \theta M : [N/x]A$.

2. If $\Gamma \vdash_\Sigma A : \mathrm{type}$ then $\Delta \vdash_\Sigma \theta A : [N/x]K$.

Proof. (1) First assume $\mathrm{dom}\,\Gamma \cap \mathrm{dom}\,\Delta = \emptyset$. Then by Weakening one gets $\Delta, \Gamma \vdash_\Sigma M : A$ and $\Delta \vdash_\Sigma N_i : B$ for all $i$. By repeated applications of Weakening and Substitution from these one gets the result.

If $\mathrm{dom}\,\Gamma \cap \mathrm{dom}\,\Delta \neq \emptyset$, let $\rho : \Delta \to \Delta'$ a renaming into a set of fresh variables. Using the proof above, one easily shows, by induction on $\theta : \Gamma \to \Delta$, that $\theta' = \rho \circ \theta : \Gamma \to \Delta'$. Moreover, it is immediate to see $\rho^{-1} : \Delta' \to \Delta$ and $\theta M = \rho^{-1}(\theta' M)$, hence, by using again (twice) the proof above, one gets the result.

(2) Similar. □

Corollary 4.17. If $\theta_1 : \Gamma_1 \to \Gamma_2$ and $\theta_2 : \Gamma_2 \to \Gamma_3$, then $\theta_2 \circ \theta_1 : \Gamma_1 \to \Gamma_3$.

Proof. By induction on the derivation of $\theta_1 : \Gamma_1 \to \Gamma_2$. □

Definition 4.18. A canonical term $\Gamma \vdash_\Sigma M \Downarrow A$ is said to be a pattern if each $x \in \mathrm{dom}\,\Gamma$ can appear in $M$ and $A$ only applied to terms $\eta$-equivalent to distinct bound variables.

Theorem 4.19. Unification of patterns is decidable; if two patterns unify, there is a unique (up to conversion) most general unifier.

Proof.  See  [11].  □ 


5.  Higher-Order  Term  Rewriting 

In  this  section  we  extend  the  notion  of  term  rewriting  system  and  rewriting  relation  to  a  higher-order 
setting  with  dependent  types. 

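Definition 5.1. A rewrite rule $\Gamma \vdash_\Sigma l \to r : A$ is a pair of well typed terms such that

• $\Gamma \vdash_\Sigma l \Downarrow A$ is a pattern, $\Gamma \vdash_\Sigma r : A$,

• $\Gamma \vdash_\Sigma A \downarrow \mathrm{type}$,

• $FV(l) \supseteq FV(r)$.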

A  higher-order  term  rewriting  system  (HTRS)  B  is  a  finite  set  of  rewrite  rules,  such  that,  for  each  pair  of 
rules  Ti  H v  l\  — >  r%  :  A\.  To  U  — i t  t’2  :  *4o  £  R ,  _4i  A^. 

The  condition  above  translates  to  the  requirement  that  it  is  not  possible  to  use  a  rewrite  rule  to  rewrite 
the  type  of  another.  This  is  therefore  consistent  with  the  original  goal  to  define  rewriting  in  such  a  way  that 
it  does  not  modify  types,  and  hence  preserve  well-typedness  of  expressions. 

Moreover,  under  this  assumption,  as  we  will  see,  the  critical  pair  criterion  will  involve,  precisely  like  the 
first  order  case,  a  check  for  overlaps  only  among  the  left-hand-sides  of  the  rules. 

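Example 2. In the formalization of the simply-typed lambda calculus given before, $\beta$ and $\eta$ reductions can be expressed as rewrite rules:

$A : \mathrm{type},\ B : \mathrm{type},\ F : (\mathrm{term}\ A) \Rightarrow (\mathrm{term}\ B),\ U : \mathrm{term}\ A \vdash_\Sigma (\mathrm{app}\ (\mathrm{lambda}\ F)\ U) \to (F\ U) : \mathrm{term}\ B$

$A : \mathrm{type},\ B : \mathrm{type},\ G : \mathrm{term}\ (\mathrm{arrow}\ A\ B) \vdash_\Sigma \mathrm{lambda}\ (\lambda x : \mathrm{term}\ A.\ \mathrm{app}\ G\ x) \to G : \mathrm{term}\ (\mathrm{arrow}\ A\ B)$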

The  check  that  both  rules  are  well-typed  and  preserve  dependencies  is  left  to  the  reader. 
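The two conditions of Definition 5.1 that do not involve typing can be checked mechanically: that the left-hand side is a pattern in the sense of Definition 4.18, and that FV(l) ⊇ FV(r). The following is an added example, not code from the paper, run on the two rules of Example 2. It assumes types are erased and terms are β-normal; the class and function names are illustrative.

```python
"""Untyped check of the syntactic side conditions of a rewrite rule.

Assumptions (not from the paper): types are erased, terms are beta-normal,
and all class and function names are illustrative.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class Const:
    name: str


@dataclass(frozen=True)
class Lam:
    var: str
    body: object


@dataclass(frozen=True)
class App:
    fn: object
    arg: object


def ap(head, *args):
    """Build the left-nested application head a1 ... an."""
    for a in args:
        head = App(head, a)
    return head


def free_vars(t, bound=frozenset()):
    """Names of variables occurring free in t."""
    if isinstance(t, Var):
        return set() if t.name in bound else {t.name}
    if isinstance(t, Const):
        return set()
    if isinstance(t, Lam):
        return free_vars(t.body, bound | {t.var})
    return free_vars(t.fn, bound) | free_vars(t.arg, bound)


def eta_normal(t):
    """Eta-reduce bottom-up: (lambda x. f x) becomes f when x is not free in f."""
    if isinstance(t, Lam):
        body = eta_normal(t.body)
        if (isinstance(body, App) and body.arg == Var(t.var)
                and t.var not in free_vars(body.fn)):
            return body.fn
        return Lam(t.var, body)
    if isinstance(t, App):
        return App(eta_normal(t.fn), eta_normal(t.arg))
    return t


def spine(t):
    """Split h a1 ... an into (h, [a1, ..., an])."""
    args = []
    while isinstance(t, App):
        args.append(t.arg)
        t = t.fn
    return t, args[::-1]


def is_pattern(t, rule_vars, bound=frozenset()):
    """Every rule variable is applied only to distinct bound variables (up to eta)."""
    if isinstance(t, Lam):
        return is_pattern(t.body, rule_vars, bound | {t.var})
    head, args = spine(t)
    if isinstance(head, Lam):  # beta-redex: the input is not beta-normal
        return False
    if isinstance(head, Var) and head.name in rule_vars and head.name not in bound:
        seen = set()
        for a in args:
            a = eta_normal(a)
            if not (isinstance(a, Var) and a.name in bound) or a.name in seen:
                return False
            seen.add(a.name)
        return True
    return all(is_pattern(a, rule_vars, bound) for a in args)


def check_rule(rule_vars, lhs, rhs):
    """Return the list of violated conditions (empty when the rule passes)."""
    problems = []
    if not is_pattern(lhs, rule_vars):
        problems.append("lhs is not a pattern")
    extra = free_vars(rhs) - free_vars(lhs)
    if extra:
        problems.append("FV(r) not contained in FV(l): " + ", ".join(sorted(extra)))
    return problems


# The beta and eta rules of Example 2, with the type arguments A and B left implicit.
BETA = ({"F", "U"},
        ap(Const("app"), ap(Const("lambda"), Var("F")), Var("U")),
        ap(Var("F"), Var("U")))
ETA = ({"G"},
       ap(Const("lambda"), Lam("x", ap(Const("app"), Var("G"), Var("x")))),
       Var("G"))

if __name__ == "__main__":
    for name, rule in (("beta", BETA), ("eta", ETA)):
        print(name, check_rule(*rule) or "ok")
```

The right-hand side `F U` of the β rule is itself not a pattern, which is allowed: only the left-hand side is required to be one.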

Definition 5.2. Given a HTRS $R$ and two terms $\Gamma \vdash_\Sigma M : A$ and $\Gamma \vdash_\Sigma N : A$ we define $R$-rewriting as follows:

T  hjj  M  -A  N  :  .4  <^4>  M$  =  E[0lj,  Ajj  =  E[6r ]  for  some  (A  h  l  -4  #  B)  £  R,  6  :  A  4  I  i  A/  .  61% 

and  T  /-.  [Fi  4/  ..  61)  ho:  A(M^.  61)]  :  -4. 

We furthermore define R-conversion as the judgement T  hv  M  4-^4  N  :  A formed according to the following
rules: 


FK  A/:  4  M=N  n-^AK4  FK4/  V:4 

FK:  i/A.V:  4  T\-£mAN:A 

FKM/<A  V:  i  FK  4  FK  1 

I  Tv  \>-wi/:4  FK  1 

In addition to R-conversion, we introduce a more natural notion of equality modulo R, as a congruence
relation  containing  all  instances  of  R,  and  closed  with  respect  to  conversion: 

Definition 5.3. Let $R$ be a HTRS, congruence modulo $R$ is defined by the judgement

$\Gamma \vdash_\Sigma M = N : A \triangleright \mathcal{D}$ ($M$ and $N$ of type $A$ are congruent modulo $R$)

where $\mathcal{D}$ is a set of type constants used to keep track of the dependency constraints. The rules associated to
this  judgement  are  the  following: 
i'K  i  rh;,if-'v:  u>p
n-v  u  '-:  \/:  uni  ikay-W:  tr>p 

IK-  U-- V':  4|>P  T\-£N'=N:At>'D' 
T\-^M=N:A[>(VUD') 

AI-v/-->/  :  IC//  6bA4r 

n-g.^=^-:0.4>{head(.4)} 

Tb^Ahype  l’..i :  4K- .U-':.V:/>T>P 
n-^A.r:-4.Af=A.r:.4.A':n.r:.4.Pt>P  ‘  _S 

T\-^M=M':Tl.r:A.Bt>D  T\-$R=N':A>W 

- - - „ - - -  a-£AB  for  all  a&V 

I 'hf  M  N=M'  N' : [N/x]B t> ( P UP ' ) 


IbA  U-- V:  4[>P 


V- V 


TbgAAA 


T\-^M=N:At>V 

The only place the set of dependencies $\mathcal{D}$ above plays a role is in the application rule: there, it restricts the rule to those cases where well-typedness of both sides is guaranteed. An analogous set is defined for $R$-rewriting:


Definition 5.4. The set of dependency constraints generated by an $R$-rewriting step is defined as

(T  K;  M  -4  A7  :  t  :  lb  {head(bB)} 

if  (A  hg  l  -4  r  :  B)  £  R  was  the  rewriting  rule  used  in  its  definition. 

This definition is extended to $R$-conversion:


IK  A/:  1  M=N  T\-3N:A  (T\-^M^N:A)\hV 

iI'KAK'KY:  l)lb0  .  rK  .\/<--->. Y:  1;I-P 

il'KA/e-'-A  Y;  1 ; I  —  P  {T\-AMeA+N':A)\hV  (T\-AN' ^N:A)\AD' 
{T\-£nAM:A)\\-V  ilKY\/44  V:  IjbiPLP'; 

The  main  theorem  of  this  section  will  be  the  following: 

Theorem 5.5. Let $R$ be a HTRS, then for all $M$, $N$,

(T  \-A  M  44  A7 :  .4)  lb  P  <£>  T  M  =  N  :  .4  D>  P. 

One  direction  is  easy  to  prove: 

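Lemma 5.6. If $\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$ and $\Gamma_0 \vdash_\Sigma M = N : A_0 \triangleright \{\mathrm{head}(A_0)\}$ then $\Gamma \vdash_\Sigma E[M] = E[N] : A \triangleright \{\mathrm{head}(A_0)\}$.

Proof. By an easy induction on the derivation of $\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$. We check the case: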


n-^Mi -.Ux-.B.A  n-b /•:•.[!'  kk  \-.n 

rh^M1(E2[roho:.40]):.4 


4  ..4 '  4. 
By  reflexivity,  T  hg  M\  =  Mi  :  ILr  :  B.A  t>  0,  and  by  inductive  hypothesis  F  hg  EofM]  =  £j[iV]  :  B  O
{head(A0)}.  By  hypothesis  A0  -fiA  A .  hence  by  the  application  rule: 

=Mi  :Tlx:B.At>$  D-gE,  [4/]=E2  [Nj:B>{head(A0 )) 

I  K  (Ml  [M] )=(Mi  E2[Nj):[E2  [M]/x]A>{head(A0)} 

To  conclude  the  proof  we  have  to  show  that  x  TV(A),  so  that  [/Tp/J/.rJA  =  A.  If  not.  then  B  -<A  A , 
and  since  we  know  A0  AM  B  from  T  hg  FT  P'0  h  o  :  _40]  :  B,  we  conclude  _40  -K  A ,  a  contradiction.  □ 

Corollary 5.7. Let R be a HTRS, if  [T  hg  M  A  N  :  A)  lb  V  then  T  hg  M  =  N  :  .4  O  V.

Proof.  By  induction  on  the  derivation  of  (T  hg  M  -f-^4  N  :  *4)  lb  V.  We  consider  two  cases: 

•  Conversion: 

rhg4/:.4  M=N  FhgA-:.4 

.  I  K- 4/4  -K.Y:  l)lb0 

From  r  hg  M  :  -4  by  reflexivity  we  get  T  hg  M  =  M  :  ,4  t>  0  and  by  the  term  conversion  rule  the 
result: 

IK  M  '-M:  U>0  M=N  IK  V:  1 
T\-^M=N:At>$ 

• R-rewriting:

i  l'K.  4/  -V.V:  4  :I-P 

(T\-£mAN:A)\\-V 

By definition,  F  hg  M  — N  :  A  if there are  (A  hg  l  — *  r  :  B)  £  B.  6  :  A  -4-  and

rb^  EfT(M  .  M)bo:  W4/..  61 )]  :  .4  such  that  4fy  =  E[6lj,  =  Epr]. 

By  reflexivity  and  conversion,  like  the  previous  case,  we  get  T  hg  4 1  =  E\Bf\  :  .4  >  0  and  T  hg 
E\6r ]  =  TV  :  .4  >  0.  Also,  T(M^6l)  hg  61  =  Or  :  A(M^6l)  >  V.  where  V  =  {hcad(B)}  = 

{hcad(A(4f^,6I))|,  so  applying  the  Lemma  we  get  T  hg  E\6l\  =  i?[0r]  :  -4  O  {hcad(U)},  and  by 
transitivity  the  result. 

□ 

To prove the other direction of Theorem 5.5 we follow the same approach used in [9], which goes through
the  definition  of  a  weaker  notion  of  rewriting: 

Definition 5.8. For terms $\Gamma \vdash_\Sigma M : A$ and $\Gamma \vdash_\Sigma N : A$, we define weak $R$-rewriting as:

F  hg  M  A  N  :  .4  M-  M  =  E[M0],  N  =  E[N0].  Ma  =  61,  Na  =,,  6r,  for  some  (Abl->r:H;C 

6  :  A  4  IT  4./.  Mo),  and  F  hg  E[T(M,  M0)  h  o  :  .4(4/,  Ma )]  :  .4. 

[i?] 

We furthermore define weak R-conversion as the judgement  F  hg  M  g— 4  N  :  A  formed according to the
following rules:


ITT  4/:  4  M=N  FK-  Y:  4 

IK  4/  '-A  Y:1 

T\-amAN:A 

IKK/4-4*  Vp4 

IT/ 4/<  >  A':  4 

I'K*  4/<  c\":  1  T\-aN'AN:A 

I'K-  ;'-*4/:  t 

FI-C4/<  .  V:  4 
The set of dependency constraints generated by a weak $R$-rewriting step is defined as

(r  M  -44  N  :  A)  lb  {head (IB)} 

if  (Ah^U  r  :  B)  £  R  was  the  rewriting  rule  used. 

This definition is extended to weak $R$-conversion:


I  K  A/:  1  M=N  FK.V:  1 
( l'K':  4  ;l-0 


(T\-^M^%N:A)\hV 


[T\-^M^%N:A)\6V  {TE^M^Kn1  :A)\6V  (T\-^N' ^%N:A)\hV 

iTK.  A't-^.W:  hl-P  iLKA/t-^  AKUNPLP') 

One  relation  between  these  two  notions  of  rewriting  is  easily  derived  from  their  respective  definitions: 

Proposition  5.9.  (T  M  A  N  :  .4)  lb  P  if  and  only  if  (T  b?  M ^  4%  Ny.  :  .4)  lb  P. 

Proof.  By  definition  and  Lemma  4.12.  (T  by  M  -4-  N  :  .4)  lb  P  if  and  only  if  (T  by  Afy  — l  A^  :  .4)  lb  P. 
and  the  result  follows  by  a  trivial  induction  on  the  two  derivations.  □ 

Our  next  goal  is  to  show  that  (F  by  M  -f-4  N  :  .4)  lb  P  whenever  (F  by  M  4— N  :  A)  lb  P.  The  proof 
of  this  fact  relies  on  a  series  of  technical  lemmas. 

Lemma  5.10.  If  F.  x  :  C'.T1  b^  E[To.  x  :  C.  r{  b  o  :  _40]  :  .4  than  for  all  terms  I  bg  A7  :  C  there  is 
an  environment  F.  [A7/.r]F'  by  /'-  [I  A  [A'/  ,?’]Fq  b  o  :  [A’/.r].40]  :  [A7/.r]_4  such  that  for  all  compatible  terms 
To.x  :  CSo  b  M  :  Ao  we  haw  [N/x]E'[Af}  =  E'[[N/x]Af}. 

Proof.  By  a  trivial  induction  on  the  derivation  of  F..r  :  C.  T1  by  i?[ro,:£  :  C'.T'0  bo:  yf0]  :  .4.  using 
Substitution.  We  consider  the  case: 


T.x:CT'\-^Mx:Tlx:B.A  r,:r:CP'bllK2[ro..r:C,r{box4o]:.B  ,  , 
rb^M^Eapobo:^]):^  *  ^  ‘ 

By  Substitution.  T,  [A7/.r]F}  by?  [N/x]AI  :  [A7/.c]II.r  :  B.A.  and  by  inductive  hypothesis  F.  [JV/ffjr'  by 
P.^IFo.  [A7/.r]F{  b  o  :  [A7/.r].40]  :  [N/x]B.  Since  luwlt  [.Y/.r]  4  .  =  head(.40).  head( [A7/.r].4)  =  head(.4).  and 
[A7/:r].40  7^  4  [A"/.r]_4.  the  result  follows.  □ 

Notation. In the sequel, we will denote the environment obtained from Lemma 5.10 by $[N/x]E$.

Corollary  5.11.  If  (F.  x  :  C  by  A I  44  A7  :  .4)  lb  P  then  for  all  terms  T  by  A  I'  :  C’  there  is  a  term 
T  A7'  :  .4  such  that  [M'/x]N  -4*  A7'  and  (T  [M'/x]AI  A7'  :  [M'/z\A)  lb  P. 

Proof.  By  definition.  F.  x  :  C  by  A I  —^4  A7  :  A  means  there  are 


(A  by  /  -4  r  :  B)  G  R, 

0  :  A  —r  I  I  I/.  Mo). 

r,  x  :  C  K  E[r(Af,  M0)  b  o  :  4i  A/.  M0)j  :  4 

such  that 

M  =  ElMoj.  N  =  E[IVo], 

M0  =  61,  N0  =,;  Or. 
By Lemma 5.10,

T  hg  ([M'/x]E)lT{[M'/x]M.  [M'/x]M0)  h  o  :  li  [  \ /'/./]  \ /.  [M7:i:]M0)]  :  [M'/x]A 

Let  O'  =  0  o  {.?■  i-4  M' }.  pick  JVj  =v  O' r  such  that  [AI1  /x]Nq  -4g  N£;  then  N'  =  ([Af'/a;].E)[JVo]  is  as
required.  □ 

Lemma  5.12.  IfT.x  :  C  hg  M'  :  .4.  (T  hg  Af  i  N  :  C)  II-  V.  and  a  -fiA  A  if  a  €  V.  then  there  is  a 
rewrite  sequence  (T  hg  Mii]  M(i+1>  :  .4)  lh  V  (0  <  i  <  n)  such  that  M(0)  =  [M/x]M'.  M(n]  =  [N/x]\f. 

Proof.  By  definition,  L  hg  M  -4-  N  :  C  if  there  are 

(A  h^/4  r  :  B)  <=  R. 
ft-  A  4  T(M.  M0), 

T  hg  E[T(M.  Mo)  h  o  :  A{M.  Ma )]  :  C 

such  that 

M  =  EfMol  N  =  E[N0], 

M0  =  01.  N0  =,f  Or. 

By  progressively  replacing  all  the  occurrences  of  x  in  M  by  N  using  Lemma  3.12.  we  get  a  sequence 
of  terms  (0  <  i  <  n)  such  that  (by  Lemma  5.10)  (T  hg  [  \ / /./  ]  \ / '  ’ •  4-1  [  \ / /./•]  V;/1  •’  ’  1  :  .4)  lb  V. 

M(°y  =  M\  M(n>’  =  [N/x]M' .  □ 

Proposition  5.13.  We  have: 

1.  If  (T.  x  :  -4  hg  M  1%  M'  :  B)  lb  V  and  .4  B  then.  (T  hg  Xx  :  A.M  Xx  :  A.M'  :  Tlx  :  A.B)  lb  V. 

2.  If  (T  bg§  M  M'  :  n.r  :  A.B)  lb  V  and  T  hg  N  :  .4  then  (T  hg  M  N  AI'  N  :  [N/x]B)  lb  V. 

.3.  If  T  hg  M  :  n.r  :  A.B.  (T  hg  N  N'  :  A)  lb  V0and  a  -£A  B  if  a  <=V,  then  (T  hg  Af  A'  Af  N'  : 
B)lbT>. 

Proof.  (3)  By  definition.  T  hg  A7  A7'  :  .4  means  there  are 

(Ah g  i  -►  r  :  C)  G  1?. 

@:A4r(A7,At), 

r  hg  £[T(  A7.  AL )  h  o  :  JjfVj No )]  :  .4 

such  that 

A7  =  E[N0j,  N'  =  E[N'0l 
No  =  01,  Af  =„  Or. 
and  V  =  {head(C)}  =  {head(_4(A7,  Ay))}.  Then 

T  hg  M  (E[T(N.  No)  h  o  :  A(N.  A70  )])  :  B 

and  hence  by  definition  (T  hg  M  N  4|  M  N'  :  B)  lb  XL 

The  proofs  of  (1)  and  (2)  are  similar.  □ 

Corollary  5.14.  We  have: 

1.  If  (T,  x  :  .4  hg  M  M'  :  B  )  lb  V  and  .4  Ag7  B  then  (T  hg  Xx  :  A.M  Xx  :  A.M'  :  n.r  :  A.B)  lb 
V. 

2.  If  (T  hg  M  44  M'  :  n.r;  :  A.B)  lb  V  and  T  hg  A7 :  .4  then  (T  hg  Af  N  44  M'  N  :  [N/x]B)  lb  V. 

3.  IfT  hg  M  :  n.r  :  A.B,  (T  hg  A7  44  N'  :  .4)  lb  V ,  and  a  B  if  a  G  V ,  then  (T  hg  Af  A7  44  M  N'  : 
n)ib-D. 
Proof. By an easy induction on the derivations. □

Lemma  5.15.  If  (T  hg  M  — l  N  :  C)  lb  V  and  M  M\  then  there  is  a  rewrite  sequence  (T  hg  M,!)  l 
M(i+1>  :  -4)  lh  V  (0  <  i  ■  <  n)  such  that  M'  =  M'0).  N->f3  M(n) . 

In  pictures: 


[Diagram: square with corners $M$, $N$, $M^{(0)}$ and $M^{(n)}$.]


Proof.  By  definition,  T  hg  M  — l  N  :  A  if  there  are 

(A  hg  l  -4  r  :  B)  G  R. 

fl:A4r(M,M0), 

r  K;  E|T(M,  Mo)  h  o  :  ti  l/.  Mo)]  :  -4 

such  that 


M  =  E[M0],  N  =  E[N0], 

M0  =  01,  N0  =,;  Or. 

The  proof  proceeds  by  induction  on  T  hg  E{T(M,M0)  h  o  :  „4(M,M0)]  :  *4.  The  most  interesting  cases 
are  the  two  application  rules: 

•  Case: 

IK'./-:,  [r  bo:/4^:ll.( ://.  4  l'K:  4/-.:« 

Thg(£'1  [T0l-ou40])  AP'.A 

There  are  three  possible  subcases: 

-  M  =  (EiJMo]  M2  )  (Ei  [M0]  M')  =  M' 

It  is  easily  checked  that 

T  K  (E1[r(M,Mo)  h  O  :  A(M,Mo)j)  Ml  :  .4. 

T  hg  (Ei [Mo]  M'2)  ^  (Eilfi]  Ml)  :  .4, 

N  =  (EilNoj  M2)  (Ei pVo]  Ml)  =  M(1) 

-  M'  =  (M(  M2)  and  Ei  [4/  ]  -4/3  M] 

Then,  since 

T  hg  Ei  [M0]  Ei  [A'o]  :  Tlx  :  B.A, 

the  result  follows  by  inductive  hypothesis  and  repeated  applications  of  Proposition  5. 13. (2). 

M  -  (A;/  :  [M  ]  :  4/..  -4.,  [4 /•■/</] E,  [4/  ] 

By  inversion  (and  type  conversion,  if  necessary)  T.  y  :  B'  bg  Ej  |T0  h  o  :  _40]  :  *4.  T  hg  M2  :  B' . 
and  the  result  follows  directly  by  Corollary  5.11. 

•  Case: 

ThlMi:Tl.r:B.A  T\-pE2lTo\-o:A0j:B 

I  K  M,  (E2[roho:.4o]):-4  -4o7^'  4 


There  are  again  three  possible  subcases: 
-  m  =  ( \/,  1 ;  ( \/;  &[m0])  =  '/'

It is easily checked that

I  hC  M[  (E2\T(M,M0)  h  o  :  ,JL(M,M0)]  i  -4, 

r  h5  (M[  E2[Mol)  ^  (M[  &[,V0])  :  A, 

N  =  (Mi  E2[IVo])  -+P  (M[  E2[IVo])  =  M(1) 

-  M'  =  (Mi  and  E2[M0j  ->,3  \ 

Then,  since 

r  h^  E2\M0\  E2{ N0]  :  B. 

the  result  follows  by  inductive  hypothesis  and  repeated  applications  of  Proposition  5. 13. (3). 

-  M  =  (A y  :  B'.M[ )  E2[A&]  ^  [E2[M0]/y]M{ 

By  inversion  and  type  conversion.  T,  y  :  B'  h?  M[  :  *4,  T  h?  h  o  :  _40]  :  B1.  and  the  result 

follows  directly  by  Lemma  5.12. 

□ 


Lemma 5.16. Let $\to_1$, $\to_2$, and $>$ be relations on some set $S$ such that $>$ is a terminating partial order, $s \to_1 t$ implies $s > t$, and $s \to_2 t$ implies $s > t$. Then

V.r.  x' ,  y  x'  — — —  x  — ^  V  =>  3y'  p'  — — ^  -r  *^~ —  V 

implies 

V.r.  x  ,  y  x  x'  ^  y  =>  3y  x' - ^  * - V  ■ 

In  pictures 

[Diagrams for the hypothesis and the conclusion, on the points $x$, $y$, $x'$ and $y'$.]


Proof.  By  a  double  induction  argument.  The  primary  induction  is  on  (#,>),  the  secondary  one  on  the  length 
of  the  derivation  x  — y  . 

The  cases  when  x  =  x'  or  x  =  y  are  trivial.  In  the  induction  case  we  have  the  following  diagram: 


[Diagram on the points $x$, $y$, $u$, $v$, $u'$, $u''$, $w$ and $y'$.]


where the existence of u' and w are given by hypothesis and secondary inductive hypothesis (x > u but
u  — s-  !J  is  shorter  than  x  — y  ),  respectively,  while  the  existence  of  u"  and  y'  come  from  primary 
inductive  hypothesis  (x  >  v  >  a').  □ 


Corollary  5.17.  If  (T  M  — l  N  :  -4)  lb  V  and  M  — M' ,  then  there  is  a  rewrite  sequence  (T 
M( I  M(i+B  :  A)  lb  V  (0  <  i  <  n)  such  that  M'  =  M<°> ,  N  -4*  M(n). 
Proof. Define, for any terms $\Gamma \vdash_\Sigma M : A$ and $\Gamma \vdash_\Sigma N : A$,

$m(M)$ = maximal length of $\beta$-reductions starting from $M$,
and $M < N$ if and only if $m(M) < m(N)$, then

M  -4,3  A7  =y  M  >  N 
T  hg  M  A7  :  A  =i>  M  >  N 

and  the  result  follows  by  the  previous  Lemma  and  4.12.  □ 

Lemma  5.18.  If  (L  bg  M  A7  :  .4)  lb  'V  then  for  all  T  hg  M'  :  -4  such  that  M'  -4,,  M  there  is  a 

T  hg  A7'  :  .4  such  that  N'  ->”F  N  and  (T  h|  M'  N'  :  .4)  lb  V. 

In  pictures: 

[Diagram: square with corners $M'$, $N'$, $M$ and $N$.]

Proof.  By  definition,  L  hg  M  — l  N  :  A  if  there  are 

(A  hg  l  -4  r  :  B)  £  R. 

0  :  A  4,  T(M.  Mo), 

T  hg  /:"['(  4/.  Mo)  h  O  :  4 1  Mi Ma)j  :  .4 

such  that 


M  =  E[M0],  N  =  E[N0], 

M0  =  01.  N0  =,j  Or. 

We  will  construct,  by  induction  on  T  bg  ElT(M,Mc)  h  o  :  JL(M,  M^|]  :  A,  an  environment  L  h 
E1  [r(M,  Mo)  b  O  :  MM.  M0)]  :  1  and  term  f  hg  A7'  :  .4  such  that 

M'  =  E’lMfj,  A7'  =  E'[Kl 
M'0  =  01.  A7'  =„  Or, 

N'  -4FF  N. 

We  show  some  representative  cases: 

•  Case: 

robg  *40:type  roCL 
rhgo[rohou40]:.40 

Then  M'  =  01.  hence  picking  E'  =  E  and  N1  =  N  we  have  the  result. 

•  Case: 

T\-^Mp.U.r:A.B  T\-^E2lTo\-o:Aoj:A 

ThgMi  (E2[roho:.40]):B  B 

We  have  three  different  subcases: 

-  B  =  He  :  A' .B'  and  M'  =  A y  :  A1. (Mi  M2)  y  -4,,  Mx  M2  =  M 
It  is  easily  checked  that 

T  hg  A y  :  A'. (Mi  E2[T(M,M0)  h  o  :  A(M.M0)j  y)  :  B 
and  A y  :  A'.(E[N0j  y)  -4„  A7. 


YU 


24 


-  M'  =  (M{  M2)  -4,,  (Tt§  =  M 

By  inversion  (and  type  conversion,  if  necessary),  T  M[  :  n.r  :  A.B.  and  E1  =  M[  E2:  N'  = 
£'[iVo]  are  as  required. 

-  M'  =  (Mi  ML)  -4,,  (Mx  M2)  =  M 

By  inductive  hypothesis  on  T  l~C  EApA  h  o  :  _40]  :  A  we  get  EL  and  NL:  defining  E'  =  Mi  EL  and 
TV'  =  Mi  NL  we  have  the  result. 

•  Case: 

n-^£|rol-o:_4o]:.4  A=B  T\-^B:type 
T\-£E\T0\-o:Aof.B 

Immediate  by  inductive  hypothesis  and  type  conversion. 

□ 

Corollary  5.19.  If  (I'  M  A  TV  :  .4)  lb  V  then  for  all  T  K:  M'  :  .4  such  that  M'  -4,*  M  there,  is  a 
r  N'  :  .4  such  that  N'  -4*  TV  and  (T  PC  M'  A  N1  :  .4)  lb  V 

Proof.  By  induction  on  the  length  of  the  reduction  M'  —4*  M,  using  the  Lemma.  □ 

Lemma  5.20.  If  (T  M  A  N  :  A)  lb  V  then  (r  \-£  M  A  N  :  .4)  lb  V. 

Proof.  Immediate  from  Corollaries  4.11,  5.17.  5.19.  □ 

Corollary  5.21.  If  (T  hg  M  A  N  :  A)  lb  V  then  (T  bj  M  A  N  :  .4)  lb  V. 

Proof of Theorem 5.5. One direction has already been proved by Corollary 5.7. The proof of the other is by induction on the derivation of $\Gamma \vdash_\Sigma M = N : A \triangleright \mathcal{D}$. Most of the cases are immediate. The only two requiring some work are application and abstraction:

•  Abstraction: 

Tl-^.4:type  T,x:A\-$M=N:B>V 

— s — i± - - - a -  4 _<a/  /,> 

T\-^Xx:A.M=Xx:A.N:Tlx:A.Bt>V  ~  ~ S 

By  inductive  hypothesis, 

(T,  x  :  ,4b^  M  A  N  :  B)  lb  V. 

By  Proposition  5.9. 

i  I  •  r  :  4  hi-  M  A  Y  :  B)\-  7\ 

and  by  Proposition  5. 13.(1)  and  Corollary  5.21 

(T  hgs  ( Xx  :  A.M{1)  A  (Xx  :  A.TVjJ  :  ILc  :  A.B)  lb  V. 

By  conversion 

(T  (A.r  :  A.M)  A  (A.r  :  A.Mjj)  :  Mr  :  A.B)  lb  V. 
iV  \-£  (\x  :  A.TVjj)  A  (A.r  :  .4. TV)  :  n.r  :  A.B)  lb  V, 

hence  by  transitivity  the  result. 

•  Application: 

T\-Ml=M'Alx:A.Bt>V  I'K-.Y-.Y':  4[>P' 

- 5 - 5 - 2 -  a-0B  for  all  a&V 

I  bd  M  N=M'  N':Bt>{V\JV) 

By  inductive  hypothesis, 

(T  K‘:  M  A  M'  :  n.r  :  A.B)  lb  P. 

(T  1-7)  TV  A  TV'  :  A)  lb  V . 
By Proposition 5.9,

(T  Mil  44  M[y  :  TT.r  :  .4.5)  lb  V. 

(T  PC  Aru  A  %  :  Jfj  Ih  V% 

by  Proposition  5.13  and  Corollary  5.21 

(r  ^C  (A4  A\)  44  (J^  A'n)  :  B)  Ih  V 
(r  PC  (M;  Ni)  44  (M;  4)  :  5)  Ih  V\ 

and  by  conversion  and  transitivity  the  result. 

□ 


6.  Critical  Pairs 

As  in  the  first  order  case,  the  check  for  local  confluence  of  44  goes  through  the  search  for  critical  pairs 
generated by the rules of the HTRS R. The definition of critical pairs here, however, is complicated by the
presence  of  dependent  types.  Before  giving  the  precise  definition  of  critical  pair,  we  need  some  additional 
machinery: 

Definition 6.1. Let $\theta : \Gamma \to \Delta$ be a substitution, the support of $\theta$ ($\mathrm{supp}(\theta)$) is the set

{.r;  £  clomP  |  -i (8(x)  = 

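Given two substitutions $\theta : \Gamma \to \Delta$ and $\theta' : \Gamma' \to \Delta'$, we will say that they are equivalent, and write $\theta = \theta'$, if $\mathrm{supp}(\theta) = \mathrm{supp}(\theta')$ and $\theta(x) = \theta'(x)$ for all $x \in \mathrm{supp}(\theta)$.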

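Proposition 6.2. Let $\theta = \{x \mapsto M\} : \Gamma \to \Delta$ be a substitution, $\Gamma \vdash_\Sigma \lambda y : A. M : \Pi y : A. B$ any term, then there is a substitution $\theta' : \Gamma, y : A \to \Delta, y : [M/x]A$ such that $\theta' = \theta$ and

$\theta(\lambda y : A. M) = \lambda y : \theta A.\, \theta' M$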

Proof.  From  A  PC  8M  :  [M/af](IIy  :  .4.5)  we  get  A  PC  [M/lr](IIy  :  .4.5)  :  type  and  by  inversion  A  P^ 
[4//.C  l  :  type. 

Also,  by  inversion  (using  type  conversion,  if  necessary).  T  PC  A  :  type,  P.  y  :  A  PC  M  :  B.  and  A  5: 
hence  A  PC  8 A  1)  type. 

Let  A,  y  :  8 A  PC  N  1)  [M /if].4  be  such  that  N  =  y,  then  8'  =  {T  1-4  M.  y  h-4  N}  :  P.  y  :  .4  4  A.  y  :  [4/ /'./•]  4.. 
so 


APf  8  Pbype  A,y:8A\-^8'Mlf[M/x\B 
APv \y.!>  \.o\ni\\y.v  L\M/x]B 


8A^[M/x]B. 


By  type  conversion  A  PC  Ay  :  8A.8M  f)  [M/x](Tly  :  8 A.B  and.  observing  that  8(Xy  :  A.M) 
8 A  .  8' M).  by  uniqueness  of  canonical  forms  we  get  the  result. 


=  (Ay 


□ 


Definition 6.3. Let $\theta : \Gamma \to \Delta$ be a substitution, an atomic term $\Gamma \vdash_\Sigma M \downarrow A$ is said to be stable for $\theta$ if $M = h\,N$ where $h$ is either a constant $c$ or a variable $x \notin \mathrm{supp}(\theta)$.

Stability implies that the head of a canonical term is preserved by the application of a substitution, i.e. that $\theta(h\,N) = h\,\theta N$.

Lemma 6.4. Let $\theta = \{x \mapsto M\} : \Gamma \to \Delta$ be a substitution, $\Gamma \vdash_\Sigma M \downarrow A$ stable for $\theta$, then there exists an atomic term $\Delta \vdash_\Sigma M' \downarrow [M/x]A$ such that $\theta M \to_\eta^* M'$.

Proof. By Lemma 4.8 and uniqueness of canonical forms, it suffices to show $M' = \theta M$. Moreover, by Proposition 4.16 and Corollary 4.7, we need only to show $\Delta \vdash_\Sigma M' \downarrow [M/x]A$. The proof goes by induction on the derivation $\Gamma \vdash_\Sigma M \downarrow A$:

• Case

^(r-)=A 

ri-sc  i  .4 

It  is  immediately  verified  that  9c  =  c.  and  for  each  x  €  domT.  x  £  TV  (A).  Hence  \M  jx]A  =  -4  and 
therefore 

Y.(c)=\M/x]A 
Ah vc  4  [M/x\A 

•  Case 

T(x)=A 
rhv.r;  4  -4 

By  stability,  6(x)  =  j|  by  inversion  on  9  :  T  — r  A  we  have  A(x)  =  [M /x\A,  hence 


Ai  [4/ ■  1 

Ahs®4  \M/x]A' 

•  Case 


ThsM  4  Tly.A.B  rhsAr  41 .4 
IK;  4/  V  4  [N/y]B 

Since  by  hypothesis  M  N  is  stable  for  0,  so  is  M,  so  by  inductive  hypothesis  there  is  an  atomic  term 
A  K:  M'  4  [M/x](Tlit :  A.B)  such  that  6M  -4t*  M' .  Then 


AhsM'  4  \M/x}{Hy:A.B)  Ahs6»Av  41  \M/x]A 
ThsM  ON  4  [0N/y][M/x]B 

From  A  h^  6(M  N)  41  [4/ /7  [.Y/</’  B  we  get  A  hff  [M/x][N/y]B  :  type  and.  since  [M /x][N/y\B  = 
[6 N/ tj][M /x]B ,  by  type  conversion  the  result. 

•  Case 

rhsM  4  -4  A=B  rhs_B:type 
IK  4/  .  />’ 

Immediate  by  inductive  hypothesis  and  type  conversion. 

□ 

Definition 6.5. Let $\theta = \{x \mapsto M\} : \Gamma \to \Delta$ be a substitution. An environment $\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$ is stable for $\theta$ if whenever the rule


rh^AfiJLniLB  rh^H2[roho:J0]:.4 

rhCi/,i/A[r  ho:  1  y.n  A°^  B 

is applied, $\Gamma \vdash_\Sigma M \downarrow \Pi x : A.B$ and $M$ is stable for $\theta$.

Since all the applications contained in it involve stable terms, one would expect that a stable environment preserves most of its structure when the substitution is applied to it. The following Lemma shows that this is actually the case:


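Lemma 6.6. Let

$$\theta = \{x \mapsto M\} : \Gamma \to \Delta,$$
$$\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A \ \text{stable for}\ \theta,$$
$$\Gamma_0 \vdash_\Sigma M_0 \Downarrow A_0, \quad \Gamma_0 \vdash_\Sigma A_0 \downarrow \text{type},$$

and $M = E[M_0]$; then there are

$$\theta' : \Gamma_0 \to \Delta_0 \ \text{with}\ \theta' = \theta,$$
$$\Delta \vdash_\Sigma E'[\Delta_0 \vdash \circ : [M/x]A_0] : [M/x]A$$

such that:

1. if $\Gamma \vdash_\Sigma E[M_0] \Downarrow A$ then $\theta M = E'[\theta' M_0]$ and $\Delta \vdash_\Sigma E'[\theta' M_0] \Downarrow [M/x]A$;

2. if $\Gamma \vdash_\Sigma E[M_0] \downarrow A$ then $\theta M \to^* E'[\theta' M_0]$ and $\Delta \vdash_\Sigma E'[\theta' M_0] \downarrow [M/x]A$.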

Proof. By induction on the derivation of $\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$:

•  Case 

r  hg.A  :type  rGcr 
rh^|roho:A0]:.40 

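(1) By Weakening $\Gamma \vdash_\Sigma M_0 : A_0$, so $\Delta \vdash_\Sigma \theta M_0 \Downarrow [M/x]A_0$, hence by letting $E' = E = \circ$, $\theta' = \theta$ we have the result.

(2) By hypothesis $\Gamma \vdash_\Sigma A_0 \downarrow \text{type}$ and therefore $[M/x]A_0 = A''$, $\Delta \vdash_\Sigma A'' \downarrow \text{type}$. Hence by Inversion $\Delta \vdash_\Sigma \theta M \downarrow [M/x]A_0$, and the proof follows from (1).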

•  Case: 

rhg.4:type  P.:r:Ahg£'1  [roho:.4o]:H 

rhgA.:rn4.H1[roho:Ao]:n.:rn4.B  -s  B 

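(1) Since $\Gamma, x : A \vdash_\Sigma E_1[M_0] : B$, by Inversion $\Gamma, x : A \vdash_\Sigma E_1[M_0] \Downarrow B$. By Proposition 6.2 there is $\theta_1 : \Gamma, x : A \to \Delta, x : [M/x]A$ such that $\theta_1 = \theta$ and $\theta(\lambda x : A.E_1[M_0]) = (\lambda x : \theta A.\theta_1 E_1[M_0])$, hence we can apply the inductive hypothesis obtaining

$$\theta' : \Gamma_0 \to \Delta_0,$$
$$\Delta, x : [M/x]A \vdash_\Sigma E_1'[\Delta_0 \vdash \circ : [M/x]A_0] : [M/x]B$$

such that $\theta_1 E_1[M_0] = E_1'[\theta' M_0]$ and $\Delta, x : [M/x]A \vdash_\Sigma E_1'[\theta' M_0] \Downarrow [M/x]B$. Let $E'$ be

$$\Delta \vdash_\Sigma \lambda x : [M/x]A.E_1'[\Delta_0 \vdash \circ : [M/x]A_0] : [M/x]\Pi x : A.B,$$

it is as required.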

•  Case: 

rh^Ei[roho:A0]:n:r:H.A  T\-£M2:B 

rFp^rrapjA 

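(2) Since $\Gamma \vdash_\Sigma E_1[M_0] : \Pi x : B.A$, by Inversion $\Gamma \vdash_\Sigma E_1[M_0] \downarrow \Pi x : B.A$. By inductive hypothesis there are

$$\theta' : \Gamma_0 \to \Delta_0,$$
$$\Delta \vdash_\Sigma E_1'[\Delta_0 \vdash \circ : [M/x]A_0] : [M/x]\Pi x : B.A$$

such that $\theta E_1[M_0] \to^* E_1'[\theta' M_0]$ and $\Delta \vdash_\Sigma E_1'[\theta' M_0] \downarrow [M/x](\Pi x : B.A)$. Let $E'$ be

$$\Delta \vdash_\Sigma (E_1'[\Delta_0 \vdash \circ : [M/x]A_0])\,\theta M_2 : [M/x]A,$$

it is as required.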

(1) By inversion, we must have $A = A'$, $\Gamma \vdash_\Sigma A' \downarrow \text{type}$; it is not difficult then to verify that $[M/x]A' = A''$, $\Delta \vdash_\Sigma A'' \downarrow \text{type}$. Hence by Inversion $\Gamma \vdash_\Sigma E[M_0] \downarrow A$, and the result follows from (1) and uniqueness of canonical forms.

•  Case: 

rhgMi :I  l.r :  />'.  4  hhd /•:•.[!'  hc:A 
rhgM1(E2[roho:Ao]):A 


4  ..4 '  4. 
(2) Since $\Gamma \vdash_\Sigma E_2[M_0] : B$, by Inversion $\Gamma \vdash_\Sigma M_1 \downarrow \Pi x : B.A$ and $\Gamma \vdash_\Sigma E_2[M_0] \Downarrow B$. By inductive hypothesis there are

$$\theta' : \Gamma_0 \to \Delta_0,$$
$$\Delta \vdash_\Sigma E_2'[\Delta_0 \vdash \circ : [M/x]A_0] : [M/x]B$$

such that $\theta E_2[M_0] = E_2'[\theta' M_0]$ and $\Delta \vdash_\Sigma E_2'[\theta' M_0] \Downarrow [M/x]B$. By stability of $M_1$, there is an $M_1'$ such that $\theta M_1 \to^* M_1'$ and $\Delta \vdash_\Sigma M_1' \downarrow [M/x](\Pi x : B.A)$. Let then $E'$ be the environment

$$\Delta \vdash_\Sigma M_1'\,(E_2'[\Delta_0 \vdash \circ : [M/x]A_0]) : [M/x]A,$$

it is as required.

(1)  Similar  to  (1)  of  the  previous  case. 


•  Case: 

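$$\frac{\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : B \qquad B = A \qquad \Gamma \vdash_\Sigma B : \text{type}}{\Gamma \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A}$$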

Both  (1)  and  (2)  follow  trivially  from  inductive  hypothesis  and  type  conversion. 


□ 


Notation. For the rest of this paper, we will write $E(\theta, M_0)$ and $\theta(E, M_0)$ to denote the environments $E'$ and substitutions $\theta'$ obtained from Lemma 6.6.(1).

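Definition 6.7 (Critical Pair). Let $R$ be a HTRS, $\Gamma_1 \vdash_\Sigma l_1 \to r_1 : C_1$, $\Gamma_2 \vdash_\Sigma l_2 \to r_2 : C_2$ two rules in $R$, $\theta_1 : \Gamma_1 \to \Delta$, $\theta_2 : \Gamma_2 \to \Delta$, $\theta_1 = \{x \mapsto N\}$, and $\Gamma_1 \vdash_\Sigma E[\Gamma_0 \vdash \circ : A_0] : A$ such that $l_1 = E[M_0]$, $\theta_1(E, M_0)M_0 = \theta_2 l_2$. Then

$$\Delta \vdash_\Sigma \langle E(\theta_1, M_0)[\theta_2 r_2],\ \theta_1 r_1 \rangle : [N/x]C_1$$

is a critical pair.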

Remark. By applying a renaming substitution and using $\alpha$-conversion, we can assume, without loss of generality, $\Gamma_1 \cap \Gamma_2 = \emptyset$. Then by Weakening it is easily verified that $\theta_1 \cup \theta_2 : \Gamma_1, \Gamma_2 \to \Delta$ is a unifier of $l_2$ and $M_0$, and the definition above appears as a generalization of the familiar one for first-order TRSs.
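The first-order special case mentioned in the Remark, as an added example (not code from the paper): it unifies each non-variable subterm $M_0$ of $l_1 = E[M_0]$ with a renamed $l_2$ and returns the pairs $\langle E[\theta r_2], \theta r_1 \rangle$, the same shape as Definition 6.7. The term encoding, the function names and the two rule sets are assumptions made for the illustration; types, binders and the stability condition are not modelled.

```python
# Terms: a variable is a str; f(t1, ..., tn) is ("f", t1, ..., tn); a constant
# c is ("c",). Untyped first-order case only; the rule sets are constructed.
def is_var(t):
    return isinstance(t, str)

def subst(s, t):
    if is_var(t):
        return subst(s, s[t]) if t in s else t   # resolve binding chains
    return (t[0],) + tuple(subst(s, a) for a in t[1:])

def occurs(x, t):
    return x == t if is_var(t) else any(occurs(x, a) for a in t[1:])
def rename(t, tag):
    return t + tag if is_var(t) else (t[0],) + tuple(rename(a, tag) for a in t[1:])

def unify(a, b, s):
    # most general unifier extending s, or None if there is none
    a, b = subst(s, a), subst(s, b)
    if is_var(b) and not is_var(a):
        a, b = b, a
    if is_var(a):
        return s if a == b else None if occurs(a, b) else {**s, a: b}
    if a[0] != b[0] or len(a) != len(b):
        return None
    for x, y in zip(a[1:], b[1:]):
        if (s := unify(x, y, s)) is None:
            return None
    return s

def positions(t, p=()):
    if not is_var(t):
        yield p, t
        for i, a in enumerate(t[1:], 1):
            yield from positions(a, p + (i,))

def replace(t, p, u):
    # E[u]: plug u into the hole of t at position p
    return u if not p else t[:p[0]] + (replace(t[p[0]], p[1:], u),) + t[p[0] + 1:]

def critical_pairs(rules):
    # all <E[s r2], s r1> with l1 = E[m0], m0 not a variable, s = mgu(m0, l2)
    pairs = []
    for i, (l1, r1) in enumerate(rules):
        l1, r1 = rename(l1, "1"), rename(r1, "1")
        for j, (l2, r2) in enumerate(rules):
            l2, r2 = rename(l2, "2"), rename(r2, "2")  # disjoint variables
            for p, m0 in positions(l1):
                # a rule overlapping itself at the root is trivial: skip it
                s = None if (i, p) == (j, ()) else unify(m0, l2, {})
                if s is not None:
                    pairs.append((subst(s, replace(l1, p, r2)), subst(s, r1)))
    return pairs

ASSOC = [(("f", ("f", "x", "y"), "z"), ("f", "x", ("f", "y", "z")))]
OVERLAP = [(("f", ("a",)), ("c",)), (("a",), ("b",))]
```

In `OVERLAP` the only critical pair is `<f(b), c>`, two distinct normal forms, so that first-order system is not locally confluent; `ASSOC` yields the single overlap of associativity with itself.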

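Example 2. In the HTRS for the typed lambda calculus given before, letting

$$\begin{aligned}
\Gamma_1 &= A : \text{type},\ B : \text{type},\ F : (\text{term}\ A) \Rightarrow (\text{term}\ B),\ U : \text{term}\ A \\
\Gamma_2 &= A : \text{type},\ B : \text{type},\ G : \text{term}\ (\text{arrow}\ A\ B) \\
\Delta &= A : \text{type},\ B : \text{type},\ G : \text{term}\ (\text{arrow}\ A\ B),\ U : \text{term}\ A \\
\theta_1 &= \{A \mapsto A,\ B \mapsto B,\ F \mapsto (\lambda x : \text{term}\ A.\ \text{app}\ G\ x),\ U \mapsto U\} \\
\theta_2 &= \{A \mapsto A,\ B \mapsto B,\ G \mapsto G\} \\
E &= \text{app}\ \circ\ U
\end{aligned}$$

we get the (trivial) critical pair

$$\Delta \vdash_\Sigma \langle \text{app}\ G\ U,\ \text{app}\ G\ U \rangle : \text{term}\ B$$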

Proposition 6.8. Let $\theta = \{x \mapsto M\} : \Gamma \to \Delta$ be a substitution, $\Gamma \vdash_\Sigma M \downarrow C$ stable for $\theta$, $\theta M \to^* M_1' M_2'$, $\Delta \vdash_\Sigma M_1' M_2' \downarrow [M/x]C$. Then $M = M_1 M_2$, $\theta M_1 \to^* M_1'$, $\theta M_2 = M_2'$.

Proof. If $M = c$ or $M = x$ where $x \notin \mathrm{supp}(\theta)$, then $\theta M = M$, contradiction to uniqueness of atomic forms. Therefore $M = M_1 M_2$. By inversion, there are types $A$, $B$ such that $\Gamma \vdash_\Sigma M_1 \downarrow \Pi x : A.B$, $\Gamma \vdash_\Sigma M_2 : A$, $C = [M_2/x]B$. Since $M_1$ is also stable for $\theta$, by Lemma 6.4 there is an atomic term $\Delta \vdash_\Sigma M_1'' \downarrow [M/x](\Pi x : A.B)$ such that $\theta M_1 \to^* M_1''$. Then $\Delta \vdash_\Sigma M_1''\,\theta M_2 : [\theta M_2/x][M/x]B$, and by type conversion, since $[\theta M_2/x][M/x]B = [M/x][M_2/x]B$, the result. □
By definition, the only non-stable subterms of a pattern $M$ have a very specific form, i.e. they must consist of a free variable, possibly applied to a sequence of terms equivalent to distinct bound variables. Unfortunately, this property is not preserved by subterms, since bound variables may become free. Proposition 6.2, however, suggests a slightly different definition of pattern, which relies on the support of a substitution rather than on the set of free variables of the term.

Definition 6.9. Let $\theta : \Gamma \to \Delta$ be a substitution. A term $\Gamma \vdash_\Sigma M \Downarrow A$ ($\Gamma \vdash_\Sigma M \downarrow A$) is said to be a pattern for $\theta$ if each $x \in \mathrm{supp}(\theta)$ appears in $M$ applied to terms $\eta$-equivalent to distinct bound variables.

Proposition 6.10. If $\Gamma \vdash_\Sigma M \Downarrow A$ is a pattern, then it is a pattern for any substitution $\theta : \Gamma \to \Delta$.

The following theorem says that any subterm $N'$ of $\theta M$, where $M$ is a pattern for $\theta$, either corresponds to a subterm $N$ of $M$ (such that $\theta' N = N'$ for some $\theta' = \theta$) or it is a subterm of $\theta(x)$ for some $x \in \mathrm{supp}\,\theta$. This key fact will play a central role in the proof of the Critical Pair Lemma.

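Lemma 6.11. Let

$$\theta = \{x \mapsto M\} : \Gamma \to \Delta,$$
$$\Delta \vdash_\Sigma E'[\Delta_0 \vdash \circ : A_0'] : C',$$
$$\Delta_0 \vdash_\Sigma M_0' \Downarrow A_0',$$
$$\Gamma \vdash_\Sigma M : C,$$

then

1. if $\theta M = E'[M_0']$, $\Delta_0 \vdash_\Sigma E'[M_0'] \Downarrow C'$ and $\Gamma \vdash_\Sigma M \Downarrow C$ pattern for $\theta$, or

2. if $\theta M \to^* E'[M_0']$, $\Delta_0 \vdash_\Sigma E'[M_0'] \downarrow C'$, and $\Gamma \vdash_\Sigma M \downarrow C$ both pattern and stable for $\theta$,

then either there is an environment $E$ stable for $\theta$ such that $M = E[M_0]$, $E' = E(\theta, M_0)$, $M_0' = \theta(E, M_0)M_0$, or there are well-typed environments $E_M$, $E_\theta$ and variable $x \in \mathrm{supp}(\theta)$ such that $M = E_M[x N]$, $N_i = y_i$, $\theta(x) = \lambda y : C.E_\theta[M_0']$, $E' = E_M(\theta, x N)[E_\theta]$.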

Proof. By induction on the derivation of $\Delta \vdash_\Sigma E'[\Delta_0 \vdash \circ : A_0'] : C'$, where $C' = [M/x]C$:

•  Case 

Aob4-44fypG  A0CA 
Ab^IAobo  :X]:X 

(1), (2) Immediate, by letting $E = \circ$.

•  Case: 

AK.  l':!ypc  A..c  1'bdA,  [A0bo:A|]:i? 

A^X.v.A1  .EWAo^o-.Aff.Tlx-.A1  .B1  -s  B 

(1) By Inversion on $\Delta \vdash_\Sigma \lambda x : A'.E_1'[M_0'] \Downarrow \Pi x : A'.B'$ we obtain immediately $\Delta, x : A' \vdash_\Sigma E_1'[M_0'] \Downarrow B'$. From the derivation of $\Gamma \vdash_\Sigma M \Downarrow C$ we get types $A$, $B$ such that $M = \lambda x : A.M_1$, $C = \Pi x : A.B$ and $\Gamma, x : A \vdash_\Sigma M_1 \Downarrow B$. By Proposition 6.2 and uniqueness of canonical forms we conclude $A' = [M/x]B$. The result then follows by inductive hypothesis.

•  Case: 

Ab^Ej [Aoho:X]:IIrr:B,..4/  Abb 
Ab4(Ei[A0bo:.4|])M':[M'/:c].4' 

(2)  By  Inversion  on  A  \~f  (E^fAIfDAI^  f  \Mn/x]A'  we  obtain  immediately  A,  rc  :  .4'  b^  Ei\M'f\  f  B. 
By  Proposition  6.8.  M  =  AI\  A'E  and  inversion  on  the  derivation  of  T  bb  M  JJ  C  there  are  types  .4,  B 
such  that  T  b^  Afi  JJ  Tl.r  •  B.A.  T  bj:  AE  JJ-  B,  and  C  =  [AE/ x]B.  From  Lemma  6.4.  by  uniqueness  of 
atomic  forms  we  deduce  8 A'L%  =  8AI1  -4*  E\  [Af'].  hence  the  result  follows  by  inductive  hypothesis. 

(1) We must have $\Delta \vdash_\Sigma C' \downarrow \text{type}$. It is not difficult then to verify that $\Gamma \vdash_\Sigma C \downarrow \text{type}$, and therefore by Inversion $\Gamma \vdash_\Sigma M \downarrow C$. If $M$ is stable for $\theta$, the result follows from (1). Otherwise, by definition, it is easy to verify $M = x N$, $N_i = y_i$, $x \in \mathrm{supp}(\theta)$, $\theta(x) = \lambda y : C.E'[M_0']$. Hence $E_M = \circ$, $E_\theta = E'$ are as required.
• Case:


AKM/;:ll.f:/r,l'  AK<K[A0bo:.4']:iT  4, 


AK:M'itt[A  be:  4' >  4' 

(2)  By  Inversion  on  A  M) (£2 [Mo])  4-  A1  we  obtain  immediately  A  £)  [M']  Ij.  B.  By  Proposition 
6.8.  M  =  Mi  M2.  and  by  inversion  on  rhe  derivation  of  F  by  M  Ij.  C  there  are  types  A.B  such  that 
F  by  Mi  1)  ILr  :  B.A.  T  by  -M2  B.  and  C  =  [M2/x]B.  From  Lemma  6.4.  by  uniqueness  of  atomic 
forms  we  deduce  8M2  =  6M- \  -4*  Mj,  hence  the  result  follows  by  inductive  hypothesis.  Notice 

that  head(A')  =  head(A). 

(1) We must have $\Delta \vdash_\Sigma C' \downarrow \text{type}$. It is not difficult then to verify that $\Gamma \vdash_\Sigma C \downarrow \text{type}$, and therefore by Inversion $\Gamma \vdash_\Sigma M \downarrow C$. If $M$ is stable for $\theta$, the result follows from (1). Otherwise, by definition, it is easy to verify $M = x N$, $N_i = y_i$, $x \in \mathrm{supp}(\theta)$, $\theta(x) = \lambda y : C.E'[M_0']$. Hence $E_M = \circ$, $E_\theta = E'$ are as required.

•  Case: 

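$$\frac{\Delta \vdash_\Sigma E'[\Delta_0 \vdash \circ : A_0'] : B' \qquad B' = A' \qquad \Delta \vdash_\Sigma B' : \text{type}}{\Delta \vdash_\Sigma E'[\Delta_0 \vdash \circ : A_0'] : A'}$$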

Both  (1)  and  (2)  follow  trivially  from  inductive  hypothesis  and  type  conversion. 


□

Theorem 6.12 (Critical Pair Lemma). Let $R$ be a HTRS. If $\Gamma \vdash_\Sigma M \to N_1 : A$ and $\Gamma \vdash_\Sigma M \to N_2 : A$, then either there is a critical pair in $R$, or there are rewriting sequences $\Gamma \vdash_\Sigma N_1^{(i)} \to N_1^{(i+1)}$ $(0 \le i < n_1)$, $\Gamma \vdash_\Sigma N_2^{(i)} \to N_2^{(i+1)}$ $(0 \le i < n_2)$ such that $N_1^{(0)} = N_1$, $N_2^{(0)} = N_2$, $N_1^{(n_1)} = N_2^{(n_2)}$.


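Proof. By definition, $\Gamma \vdash_\Sigma M \to N_k$ if and only if there are

$$\Delta_k \vdash_\Sigma l_k \to r_k : C_k \in R, \quad \theta_k : \Delta_k \to \Gamma, \quad \Gamma \vdash_\Sigma E^{(k)}[\Gamma_0^{(k)} \vdash \circ : A_0^{(k)}] : A$$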

such  that  Mjj  =  /•:  '  (Nk)n  =  /•:"  [C,./ (k  =  1.2). 

The proof proceeds by induction on the size of the environments $E^{(1)}$, $E^{(2)}$. We show some representative cases:

• $E^{(1)} = \lambda x : A.E_1^{(1)}$, $E^{(2)} = \lambda x : A.E_1^{(2)}$:

Using type conversion, if necessary, we can assume that the type derivations of $E^{(1)}$, $E^{(2)}$ are:


rby -4:type  r.^AbgE*1 1  [r^-’bo:^1  ]j:B 


AAffB 


rby Ghtypc  r,a::,4by£']2' p42)bo:,4o2)]:£ 


AAffB 


I  bf  Xx:  1./:; ' 1  [r^’bo: 41J]:nr.4J  Fby A.r:.4.£')21  [r4bo:-4o2l]:n.r:.4.i? 

Then  M^  =  Xx  :  A.  Mi .  and  by  Inversion  on  I\  .r  :  A  b?  i^’^i]  :  B  we  have  T,  x  :  .4  bg  Mi  I)  B. 
Therefore 

r, a :  .4  by  Mi  4  [C..b/,I  (k  =  1,2), 

and  the  result  follows  by  inductive  hypothesis. 

•  E(1]  =  E[1}  Ah  U>2>  =  E[2)  Ah 

Using  type  conversion,  if  necessary,  we  can  assume  that  the  type  derivations  of  are: 


rb-gE-j1 1  [r4 1  bo:-4i1J]:n.r:-4.H  Fbg  Ah.4  rbgEf  ’  [r!,2)bo:-4*2)]:n.r:.4.5  rbgAh.4 


rhg {E\l>  [rj,lj bo:-4^]p: [Afi:]B  rhg (E\z>  [To  bo:-4o  J])AT:[AT/a:]B 

By  inversion.  My  =  (h  M)  Ah  Since  all  rules  are  of  atomic  type,  it  is  easy  to  see  that  there  are 
indexes  ik  such  that 

E[k)  =  h  Ml . . .  M:  ;  Eik)  Mik+X . . .  Mm  (k  =1,2) 

There  are  two  subcases: 
— $i_1 = i_2$

Bv  inversion  on  the  derivation  of  T  hv  Mjj.  (I  [Ar/;r]B  we  get  Vi  \ I  .  \I,.  )  h?  M,-,  (l  A(M^,  Mq  ), 
and  the  result  follows  by  induction  hypothesis. 

— $i_1 \neq i_2$

Assuming  i i  <  *2,  it  is  easy  to  verify  that 

r  (ft  Ah  . . .  e£j  M;-1+j . . .  Mis_!  Ej22,I(92r2]  Mis+1 . . .  Mm)  VV  :  [A//as]E 
T  (ft  Ah  . . .  Ah,  — i  Ej '  [0i  >q  ]  Ah  +]  . . .  .1/..  ,  E<;2)  Mi2+1  . . .  Ahn )  TV  :  A 
are  well-typed  contexts,  hence  letting 

Nl1}  =  N[2]  =  (hAh...Ah,-i  E^I^n]  Aft1+1...M„s_i  E£>[02r2]  M„s+i . . .  Mm)  iV 
we  have 

I'K.  v,  Af  :  1  (fc  =  1.2) 


• $E^{(1)} = \circ$:

Then $\theta_1 l_1 = E^{(2)}[\theta_2 l_2]$. By Lemma 6.11 we have two possible subcases:

— There is $E$ stable for $\theta_1$ such that $l_1 = E[M_0]$, $E^{(2)} = E(\theta_1, M_0)$, $\theta_2 l_2 = \theta_1(E, M_0)M_0$. Then by definition

$$\Gamma \vdash_\Sigma \langle E(\theta_1, M_0)[\theta_2 r_2],\ \theta_1 r_1 \rangle : A$$

is a critical pair.

—  There  are  well-typed  environments  Eg1  t  .  Eg,  and  variable  x  £  supp(0i )  such  that  8\ l\  =  Efa  [asM], 
Mi  =  yi,61(x)  =  Ay:C.E01[6&\,E'  =  E0lll(61,xN)[E01l 
Let  8[  :  A]  -4  T  defined  as 


o'M 


81  (y)  vix 

Ay  :  C.Eg1  [#2r2]  y  =  x, 


we  want  to  show  that  both  Ni  =  8ih  and  jV2  =  E(2)[#212]  both  rewrite  to  0[r  1. 
Assume  A]  9\  (as)  :  C,  let  2  be  a  fresh  variable,  define  9f  :  Aj  -4-  T.  3  :  C  by 

«;(!,)  = 

I  z  y  =  x. 


By  replacing  progressively  all  the  occurrences  of  z  in  Ofh,  starting  from  the  occurrence  in  (Of,  xN% 
with  Ay  :  C.Eg ,  [02r2],  we  get  a  rewrite  sequence  A^!|  such  that  AT-}01  =  Ni,  AT-}"1  11  =  Simi¬ 
larly.  by  replacing  all  the  occurrences  of  z  in  0jn  with  Ay  :  C.Eg ,  [#2r2]  we  get  a  rewrite  sequence 
JVj*’  such  that  Ay01  =  [9\^x)/y]6l ri  =  A/"2,  Ar2”2 1  =  The  result  then  follows  by  a  single 

additional  rewrite  step. 

□ 


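Definition 6.13. Let $R$ be a HTRS. If whenever $\Gamma \vdash_\Sigma M \to N_1 : A$ and $\Gamma \vdash_\Sigma M \to N_2 : A$ there are rewriting sequences $\Gamma \vdash_\Sigma N_1^{(i)} \to N_1^{(i+1)}$ $(0 \le i < n_1)$, $\Gamma \vdash_\Sigma N_2^{(i)} \to N_2^{(i+1)}$ $(0 \le i < n_2)$ such that $N_1^{(0)} = N_1$, $N_2^{(0)} = N_2$, $N_1^{(n_1)} = N_2^{(n_2)}$, $R$ is said to be locally confluent.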

Corollary 6.14. If for all critical pairs $\Gamma \vdash_\Sigma \langle M, N \rangle : A$ of a HTRS $R$ both $M$ and $N$ $R$-rewrite to a common term, then $R$ is locally confluent.
7. Future Developments

The Critical Pair Lemma gives us a criterion to check for local confluence of a HTRS. As said before, local confluence assumes great relevance in the presence of termination, since by Newman's Lemma it provides a simple and computationally effective way to check for confluence. Very recently, in [5] and [12], two methods of proving the termination of a HTRS have been proposed for simple types; it is our hope that these will translate to dependent types, and that perhaps the richer type structure will allow us to obtain better results.

Another interesting line of research is $R$-rewriting modulo a (higher-order) equational theory $E$. In LF,
where  the  relation  -<A  define  a  hierarchy  of  types,  it  is  possible  to  define  a  suggestive  notion  of  “multi-staged 
completion”:  once  a  terminating  HTRS,  defined  on  some  set  S  of  type  classes,  has  been  checked  for  local 
confluence,  it  becomes  part  of  the  underlying  equational  theory  E  modulo  over  which  a  new  HTRS,  defined 
of  a  set  S'  of  “higher”  type  classes  (i.e.  VA  6  S3B  €  S'  A  -<A  B ,  or  at  least  VA  6  SNB  €  S'  B  A)  is  in 
turn  tested  for  confluence,  and  so  on. 